Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove deprecated options #194

Closed
wants to merge 1 commit into from
Closed

Remove deprecated options #194

wants to merge 1 commit into from

Conversation

kuzaxak
Copy link

@kuzaxak kuzaxak commented Jul 6, 2018

SSH protocol 1 server support removed

sshd(8) no longer supports the old SSH protocol 1, so all the configuration
options related to it are now deprecated and should be removed from
/etc/ssh/sshd_config. These are:

KeyRegenerationInterval
RSAAuthentication
RhostsRSAAuthentication
ServerKeyBits

The Protocol option is also no longer needed, although it is silently
ignored rather than deprecated.

https://salsa.debian.org/ssh-team/openssh/commit/fb87db8aa47d3508be8e5bb1d21897fa1f2eca90

@kuzaxak
Remove deprecated options
478517d 
SSH protocol 1 server support removed
-------------------------------------

sshd(8) no longer supports the old SSH protocol 1, so all the configuration
options related to it are now deprecated and should be removed from
/etc/ssh/sshd_config.  These are:

  KeyRegenerationInterval
  RSAAuthentication
  RhostsRSAAuthentication
  ServerKeyBits

The Protocol option is also no longer needed, although it is silently
ignored rather than deprecated.


https://salsa.debian.org/ssh-team/openssh/commit/fb87db8aa47d3508be8e5bb1d21897fa1f2eca90
@coveralls
Copy link

Coverage Status

Coverage remained the same at 99.822% when pulling 478517d on kuzaxak:patch-1 into 0f505ec on dev-sec:master.

@kuzaxak
Copy link
Author

kuzaxak commented Jul 6, 2018

What is a better way to fix tests too?

@artem-sidorenko
Copy link
Member

@kuzaxak thanks for this PR! Failing tests are located in the ssh-baseline, so we need another PR there. This change is effective for openssh >7.4, do I get this right?

@artem-sidorenko artem-sidorenko mentioned this pull request Jul 16, 2018
Closed
@florian-asche
Copy link

florian-asche commented Jul 16, 2018
edited
Loading

@artem-sidorenko yes, looks correct. the baseline failed because it searches for variables that don't exist anymore. But I think completely removing them is no good idea. There should be some backward compatibility for older systems.

The test and also the cookbooks should check what OpenSSH version is used, and based on that they should set or not set that variables / check or not check that variables.

@frederikbosch frederikbosch mentioned this pull request Jul 30, 2018
Closed
@frederikbosch
Copy link

I created a PR in the SSH baseline repo for this issue. This one could be merged, I guess, after that PR is accepted.

@artem-sidorenko artem-sidorenko self-requested a review July 31, 2018 14:14
@artem-sidorenko artem-sidorenko self-assigned this Jul 31, 2018
@artem-sidorenko
Copy link
Member

artem-sidorenko commented Jul 31, 2018
edited
Loading

@kuzaxak thanks for this PR! I'm closing it in favour of #198, which covers different openssh versions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@artem-sidorenko artem-sidorenko Awaiting requested review from artem-sidorenko

Assignees

@artem-sidorenko artem-sidorenko

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@kuzaxak @coveralls @artem-sidorenko @florian-asche @frederikbosch