[afnog] Fwd: [FreeBSD-Announce] HEADS-UP: OpenSSH DSA keys are deprecated in 12.0 and 11.0
Daniel Shaw
daniel at afrinic.net
Thu Sep 1 05:05:03 UTC 2016
> On 1 Sep 2016, at 1:30 AM, Patrick Okui <pokui at psg.com> wrote:
>
> I’m sure most of us have seen this,
Indeed. Thanks for highlighting Patrick!
> but many operating systems have deprecated DSA keys due to new versions of OpenSSH.
Just to add a little more detail in case anyone has not yet seen this... Note that if your *client* machine (where you ssh *from*) updates to a new version with DSA deprecated, then by default it refuses to use existing DSA keys at all. Thus if you are using a DSA key for logins elsewhere, your login will fail.
You can of course temporarily override the deprecation (for now) with a config option to allow you into your remote side to upload your new RSA key.
Regards,
Daniel
More information about the afnog
mailing list