> > A lot of equipment, perfectly good equipment, expensive equipment, but > > old equipment requires it. Most of it is behind a security appliance so > > there's no real risk is negligible if indeed it's not actually zero. > > > > Removing DSS removes management access to the equipment and the only > > reason is a pedantic complaint that DSS is trivially broken. > > > > Please don't break equipment over well-meaning pedantry. > > I bet this (once) expensive equipment still supports telnet, so > nothing is being broken. even if it doesn't, the idea that someone would assume support of this equipment is the responsibility of the openssh maintainers, rather than the _vendor_, blows my mind. save a statically linked copy of openssh that supports your old crypto, problem solved. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
