X-Original-To: alpine-devel@mail.alpinelinux.org
Delivered-To: alpine-devel@mail.alpinelinux.org
Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1])
	by mail.alpinelinux.org (Postfix) with ESMTP id 8D668DC8739
	for <alpine-devel@mail.alpinelinux.org>; Thu,  1 Oct 2015 12:45:56 +0000 (UTC)
Received: from mail-wi0-f177.google.com (mail-wi0-f177.google.com [209.85.212.177])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by mail.alpinelinux.org (Postfix) with ESMTPS id 13BB9DC00F4
	for <alpine-devel@lists.alpinelinux.org>; Thu,  1 Oct 2015 12:45:55 +0000 (UTC)
Received: by wicgb1 with SMTP id gb1so27956757wic.1
        for <alpine-devel@lists.alpinelinux.org>; Thu, 01 Oct 2015 05:45:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=HBqzwg6i4hmayKRaa2LLMr3yDoGlefnzjMtzH20tZm0=;
        b=ZYW96FvjSD+/xzH7UgQKFHwk1nh6i+l+eqJQyzg8fhduEUf9qx1X6o0GeZH+UuyRrk
         5z6kxZ4i5/cv4K55W9DrWfYSqM8XYrcZogxERB0pZuQCN4oXyw3fuBeZJzWyJ3F+tW6E
         BAgRkBwwUSAGJjp6hcn6lowo7MC3TF+xyOuv5s/iuxTe2IPqOZC+IuKEvleC57doF6/D
         uagXQJoM+Rr7qVbUMNrBEDJArz7rqEgcjnnjua1UbnWabXz8pGgSVi0sVz6qty9/Zqo9
         JgJIxQD929lojdCbh8ds0FAB4blzu0JOrJwtqt7qZZewfCfWVlaqCyaQoxrr12fXtzmr
         uXpA==
X-Mailinglist: alpine-devel
Precedence: list
List-Id: Alpine Development <alpine-devel.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-devel+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-devel@lists.alpinelinux.org>
List-Help: <mailto:alpine-devel+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-devel+subscribe@lists.alpinelinux.org?subject=subscribe>
MIME-Version: 1.0
X-Received: by 10.180.107.193 with SMTP id he1mr3399703wib.81.1443703553879;
 Thu, 01 Oct 2015 05:45:53 -0700 (PDT)
Received: by 10.28.93.205 with HTTP; Thu, 1 Oct 2015 05:45:53 -0700 (PDT)
Date: Thu, 1 Oct 2015 14:45:53 +0200
Message-ID: <CA+cSEmN0sL0KQNcLMRtE80bvPbOdu1U6RaLR9WD6PUYNFr0Ybg@mail.gmail.com>
Subject: [alpine-devel] Openssh v7.0 has landed in edge
From: Carlo Landmeter <clandmeter@gmail.com>
To: Alpine-devel <alpine-devel@lists.alpinelinux.org>
Content-Type: text/plain; charset=UTF-8
X-Virus-Scanned: ClamAV using ClamSMTP

This is just a heads-up for anyone who is using our edge repository
and is using key based authentication for ssh. Make sure to update
your ssh keys to something like rsa or ed25519 (or any other key type
which is supported). If you use one of the older standards, chances
are you are not able to login anymore after switching to 7.x. This is
probably also the right time to update your keys on stable alpine
infra which plan to update to our future 3.3 release.

More information about retiring cryptography can be found below or in
the openssh 7.0 changelog [1]

Future deprecation notice
=========================

We plan on retiring more legacy cryptography in the next release
including:

 * Refusing all RSA keys smaller than 1024 bits (the current minimum
   is 768 bits)

 * Several ciphers will be disabled by default: blowfish-cbc,
   cast128-cbc, all arcfour variants and the rijndael-cbc aliases
   for AES.

 * MD5-based HMAC algorithms will be disabled by default.

This list reflects our current intentions, but please check the final
release notes for OpenSSH 7.1 when it is released.

1. http://www.openssh.com/txt/release-7.0

-carlo


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---