[Bug 3861] The build option --enable-dsa-keys no longer works.
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Sep 9 11:37:04 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3861
--- Comment #2 from Barry Nelson <barry.nelson at amobiledevice.com> ---
You are missing the point. It should have been completely disabled and
removed from the server side for some time before removing it on the
client side. It is still often needed on the client side for connecting
to older equipment where the server software is in firmware and cannot
be updated.
What options do we have?
Buy new equipment? (Send me a check please... :) )
Use telnet? (Like that's better?)
Run the older ssh software? (That seems counter productive to getting
the new version accepted.)
I propose that the client should build with DSA disabled in the config,
and the server side should have it disabled and removed completely by
default.
Apparently the CFLAG -DWITH_DSA still works, BUT that enables it for
BOTH the client and the server, although it is off by default in the
config for both. The configure script option --enable-dsa-keys no
longer works for client or server.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list