FYI: SSH1 now disabled at compile-time by default
Hubert Kario
hkario at redhat.com
Fri Mar 27 22:53:05 AEDT 2015
On Thursday 26 March 2015 11:19:28 Michael Felt wrote:
> Experience: I have some hardware, on an internal network - that only
> supports 40-bit ssl. I am forced to continue to use FF v17 because that was
> the last browser to provide SSL40-bit support. My security is weakened
> because I cannot update that browser, and I continue to lose plugins
> because they do not support FF17 anymore. All other browsers stopped
> support earlier as well.
Please put the device behind a stunnel and don't put yourself at risk.
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150327/c503c5cd/attachment.bin>
More information about the openssh-unix-dev
mailing list