[alpine-devel] Openssh v7.0 has landed in edge

Carlo Landmeter
Message ID
Sender timestamp
DKIM signature
Download raw message
This is just a heads-up for anyone who is using our edge repository
and is using key based authentication for ssh. Make sure to update
your ssh keys to something like rsa or ed25519 (or any other key type
which is supported). If you use one of the older standards, chances
are you are not able to login anymore after switching to 7.x. This is
probably also the right time to update your keys on stable alpine
infra which plan to update to our future 3.3 release.

More information about retiring cryptography can be found below or in
the openssh 7.0 changelog [1]

Future deprecation notice

We plan on retiring more legacy cryptography in the next release

 * Refusing all RSA keys smaller than 1024 bits (the current minimum
   is 768 bits)

 * Several ciphers will be disabled by default: blowfish-cbc,
   cast128-cbc, all arcfour variants and the rijndael-cbc aliases
   for AES.

 * MD5-based HMAC algorithms will be disabled by default.

This list reflects our current intentions, but please check the final
release notes for OpenSSH 7.1 when it is released.

1. http://www.openssh.com/txt/release-7.0


Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org