Can we make the server stop creating ssh_host_dsa pairs (use them w/ another log line if they are manually created). It would also be nice to add a big note at the top of the ssh-keygen documentation about dsa being weak and that you shouldn't use it (if you have a device that can only use dsa, you'll obviously ignore the warning but it'd be good to say as strongly as possible). _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev