diff options
author | des <des@FreeBSD.org> | 2016-08-05 15:32:35 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2016-08-05 15:32:35 +0000 |
commit | 813d5407b97e622a49c8ee425e2b6648464d168a (patch) | |
tree | e98e4f7766a93614a3bdd3a13babdc30f600b464 /crypto/openssh/FREEBSD-upgrade | |
parent | 1d777d319c663919ca818660242391db35ebf73a (diff) | |
download | FreeBSD-src-813d5407b97e622a49c8ee425e2b6648464d168a.zip FreeBSD-src-813d5407b97e622a49c8ee425e2b6648464d168a.tar.gz |
MFH (r303716, r303719): drop SSH1 support, disable DSA by default
PR: 208254
Approved by: re (gjb)
Relnotes: yes
Diffstat (limited to 'crypto/openssh/FREEBSD-upgrade')
-rw-r--r-- | crypto/openssh/FREEBSD-upgrade | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/crypto/openssh/FREEBSD-upgrade b/crypto/openssh/FREEBSD-upgrade index 43e2a74..4b31eb3 100644 --- a/crypto/openssh/FREEBSD-upgrade +++ b/crypto/openssh/FREEBSD-upgrade @@ -142,30 +142,25 @@ Support for TCP wrappers was removed in upstream 6.7p1. We've added it back by porting the 6.6p1 code forward. -6) DSA keys - - DSA keys were disabled by default in upstream 6.9p1. We've added - them back. - -7) Agent client reference counting +6) Agent client reference counting We've added code to ssh-agent.c to implement client reference counting; the agent will automatically exit when the last client disconnects. -8) Class-based login restrictions +7) Class-based login restrictions We've added code to auth2.c to enforce the host.allow, host.deny, times.allow and times.deny login class capabilities. -9) HPN +8) HPN We no longer have the HPN patches (adaptive buffer size for increased throughput on high-BxD links), but we recognize and ignore HPN-related configuration options to avoid breaking existing configurations. -A) AES-CBC +9) AES-CBC The AES-CBC ciphers were removed from the server-side proposal list in 6.7p1 due to theoretical weaknesses and the availability of |