|
|
Subscribe / Log in / New account

OpenSSH announces DSA-removal timeline

OpenSSH announces DSA-removal timeline

Posted Jan 13, 2024 15:28 UTC (Sat) by pizza (subscriber, #46)
In reply to: OpenSSH announces DSA-removal timeline by pizza
Parent article: OpenSSH announces DSA-removal timeline

> My "new" 10GbE PoE switch was discontinued by its manufacturer in _2015_.

Apparently this particular unit is running OpenSSH 5.8, and current OpenSSH 9.x (at least as shipped by Fedora 38+) refuses to negotiate a session key [1] I haven't needed to get into this thing for the better part of a year, when I expanded one of the VLANs. I'm glad I found out about this problem now, when I have physical access to connect to the switch's serial console and no emergency going on.

[1] Can't negotiate a mutually perceptible host key algorithm. I _might_ be able to resolve this with a config change on the switch. But that requires being able to log in first.

to post comments

OpenSSH announces DSA-removal timeline

Posted Jan 14, 2024 8:57 UTC (Sun) by cjwatson (subscriber, #7322) [Link]

That sounds like the sort of thing you can probably deal with using client options. Have you tried the various things on https://www.openssh.com/legacy.html ?


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds