deprecated options in sshd_config
mlrx
openssh-unix-dev at 18informatique.com
Sat Feb 24 16:27:13 AEDT 2018
Le 23/02/2018 à 23:12, Darren Tucker a écrit :
> On 24 February 2018 at 07:42, Colin Watson <cjwatson at debian.org> wrote:
>> On Fri, Feb 23, 2018 at 02:45:55PM +0100, mlrx wrote:
>>> May I infer that when an option is deprecated it can simply be deleted
>>> and consider that it is a working rule of the dev team (and therefore
>>> adopt this mode of operation for the future)?
>
> Anything that the server (or client for that matter) reports as "line
> N: FooOption option Deprecated" are no-ops and may safely be removed
> from the config.
That's what I searched, perfect.
>> I'm not a member of the OpenSSH development team, only a packager and
>> occasional contributor, so you can't infer anything like that from my
>> message. It wouldn't surprise me if there've been some times when more
>> migration work is required.
@C.W.: Thank you!
> Times where migration work is required are user-visible changes of
> behaviour and documented in the release notes[0] for that release,
> usually under "Potentially-incompatible changes". The specific
> options in this thread (KeyRegenerationInterval[1])
>
> 7.6p1:
>
> * ssh(1): delete SSH protocol version 1 support, associated
> configuration options and documentation.
>
> 7.5p1:
>
> * This release deprecates the sshd_config UsePrivilegeSeparation
> option, thereby making privilege separation mandatory. Privilege
> separation has been on by default for almost 15 years and
> sandboxing has been on by default for almost the last five.
>
> [0] https://www.openssh.com/releasenotes.html
> [1] https://man.openbsd.org/OpenBSD-6.0/sshd_config.5#KeyRegenerationInterval
Thank you to !
Regards,
--
benoist
More information about the openssh-unix-dev
mailing list