Mail archive
alpine-devel

[alpine-devel] Openssh v7.0 has landed in edge

From: Carlo Landmeter <clandmeter_at_gmail.com>
Date: Thu, 1 Oct 2015 14:45:53 +0200

This is just a heads-up for anyone who is using our edge repository
and is using key based authentication for ssh. Make sure to update
your ssh keys to something like rsa or ed25519 (or any other key type
which is supported). If you use one of the older standards, chances
are you are not able to login anymore after switching to 7.x. This is
probably also the right time to update your keys on stable alpine
infra which plan to update to our future 3.3 release.

More information about retiring cryptography can be found below or in
the openssh 7.0 changelog [1]

Future deprecation notice
=========================

We plan on retiring more legacy cryptography in the next release
including:

 * Refusing all RSA keys smaller than 1024 bits (the current minimum
   is 768 bits)

 * Several ciphers will be disabled by default: blowfish-cbc,
   cast128-cbc, all arcfour variants and the rijndael-cbc aliases
   for AES.

 * MD5-based HMAC algorithms will be disabled by default.

This list reflects our current intentions, but please check the final
release notes for OpenSSH 7.1 when it is released.

1. http://www.openssh.com/txt/release-7.0

-carlo


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Oct 01 2015 - 14:45:53 UTC