On Tue, Oct 17, 2017 at 12:45:26PM +0200, Jakub Jelen wrote: > On Mon, 2017-10-16 at 17:18 +0200, Ingo Schwarze wrote: > > > Fedora has the same policy, and so far has opted to ship a ~3600- > > > line > > > patch to OpenSSH to use the 1.1 API. > > > > Frankly, i would feel uncomfortable using OpenSSH on Fedora. > > Thank you for the support. Do you have any real reason to say so? > > Yes, we opted to improve existing patch, implement missing parts, test > it and contribute it back to OpenSSH upstream in spite of moving > forward with OpenSSL upstream. > > It takes some effort to do so, but we do not have to think about > bundling LibreSSL nor depend on soon-to-by-outdated OpenSSL. > > As these threads appear all over and over again on this list, Fedora is > not the only distro that had this problem and would like to see it > resolved in a sensible way, but it is stalled in this point for over a > year. > OPenSSH is based on OPenBSD developemnt. The best solution is if (LIBRESSL) || (OPENSSL < 1010...) Else Whatever. Is that too much work? > Regards, > -- > Jakub Jelen > Software Engineer > Security Technologies > Red Hat, Inc. > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Talk Sense to a fool and he calls you foolish - Euripides _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev