On 02/01/18 19:18, Haven Tristan Hash wrote: > So they should have to wait until there are zero users before removing > or disabling anything? Even if there are security implications? That > would be impractical and dangerous for the other users. As suggested, all new SSH servers would refuse a key which is too short. What danger do you see?