Mailing List Archive

Legacy Options
Hey there all,

I'm mentioning this as a "dev" issue because it's "Docs and Website", not
as a general "usage" question.

A few years back, I started a thread about RSA768 not being available in
SSH client any more, because I had lost access to my APC power strips
(which are on a NAT'd network, inside a data center, as a result). I
argued that "look, I know what I'm doing, I know this is safe, please
don't make me recompile the binary, or worse, run an old version of
openssh to do what I need". I was shut down. Sorry for the thread war.

Anyway, a friend is using MacOS ventura, where either a builtin on the
part of openssh *or* a decision of the people who are bundling it has
caused them to hit an error like "no mutual signature algorithm".

Here's my simple ask:

There's a page here:

It's one of the first things you get when you google for the error
messages you get.

As SSH and crypto in general is a moving target, Could that page please be
expanded to list (or point to another page) the options that are no longer
overrideable, and the errors one might hit? And perhaps, in what version
of openssh?

I.e. ssh1 support, rsa768, DSS key algorithms, etc...and the errors you
might get for those? To help people figure out "Okay, I can set a knob in
my config file and work with this for a little bit longer" or "No, there's
no option BUT upgrading (or running an old version)".



--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC

openssh-unix-dev mailing list