HPN and None options in OpenSSH
Dag-Erling Smørgrav
des at des.no
Fri Jan 22 14:31:24 UTC 2016
The HPN and None cipher patches have been removed from FreeBSD-CURRENT.
I intend to remove them from FreeBSD-STABLE this weekend.
The HPN patches were of limited usefulness and required a great deal of
effort to maintain in our tree. The None cipher patch was less onerous,
but it was a terrible idea with a very small user base since it was a
compile-time option and off by default.
The HPN-related configuration variables have been marked deprecated,
while those related to the None cipher have been marked unsupported.
This means that the former will be accepted with a warning, whereas the
latter will result in an error.
Most users will not be affected by this change. Those who are should
switch to the openssh-portable port, which still offers both patches,
with HPN enabled by default.
It is expected that FreeBSD 10.3 will ship with OpenSSH 7.1p2, with a
number of modifications intended to reduce the impact of upstream
changes on existing systems.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list