Hi Apollon, On 17-01-30 01:34:38, Martin Weinelt wrote: > ganeti heavily depends on SSH-DSS keypairs for operations between > cluster nodes, with OpenSSH 7.0 said keys have been deprecated. > > Please add a remark that SSH-DSS needs to be reallowed if ganeti is > supposed to work. > > In /etc/ssh/ssh_config > Add PubkeyAcceptedKeyTypes +ssh-dss > > In /etc/ssh/sshd_config > Add PubkeyAcceptedKeyTypes +ssh-dss
Do you think it would be possible to cherry-pick the changes, [1] and the following commits, some of them at least, which were made against the 2.16 branch, into the Debian package? It would be great to have this fixed for stretch, but I'm unsure if changing that much is acceptable given the late point in the freeze. I didn't checked if these commits apply cleanly against the current source, but maybe this could serve as a starting point. Thanks for your work, Georg [1] http://git.ganeti.org/?p=ganeti.git;a=commit;h=87416ca571d38e72394ac37d5e8aa82cb7d559c8
signature.asc
Description: Digital signature
