[2018-03-23 14:25:35 -0400] Phil Pennock: > I don't know arch well enough to know if it's possible to get older > OpenSSL onto it, or if the "rolling release" nature means that they're > completely switched over. I maintain Arch's official openssh package; it's built with openssl-1.1 using a patch derived from [1]. I've updated it for openssh-7.7's latest snapshot [2]; all tests pass and live testing shows no issue so far. [1] http://vega.pgw.jp/~kabe/vsd/patch/openssh-7.4p1-openssl-1.1.0c.patch.html [2] https://git.archlinux.org/svntogit/packages.git/tree/trunk/openssl-1.1.0.patch?h=packages/openssh (The bulk of the patch consists in accessing data structures in a different way, which I don't see as an intrusive change, so the above is not entirely surprising.) We also have an openssl-1.0 package (and many other branches in the AUR) but avoid using it except for pieces of software which really cannot be ported to openssl-1.1. Cheers. -- Gaetan _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev