Disabling Dropbear ssh-rsa support?
Robert Marko
robimarko at gmail.com
Fri Jul 4 10:06:40 PDT 2025
On Fri, 4 Jul 2025 at 18:58, Thibaut <hacks at slashdirt.org> wrote:
>
> Hi,
>
> > Le 4 juil. 2025 à 17:13, Stefan Kalscheuer via openwrt-devel <openwrt-devel at lists.openwrt.org> a écrit :
> >
>
> > Slight personal preference to do this also in case of a 24.10 backport, but that's a different discussion that may be postponed until after some feedback.
>
> Please don’t. This type of backward-incompatible change should never be backported (unless it’s the only way to fix a CVE).
Yeah, this definitely should not be backported, probably fine for main
but not for backporting.
Regards,
Robert
>
> Also does this affect the ssh client as well? This may be more relevant than the server side of things: a lot old(er) SSH server implementations only offer rsa-sha1 (e.g. off the top of my head, HP iLO 4), so users may lose the ability to connect there: this should be advertised.
>
> My 2c,
> T
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list