https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202153
[email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from [email protected] --- The current variable names as they sit could be considered a security vulnerability since $sshd_rsa1_enable and $sshd_dsa_enable sure sound like they control use of RSA1 and DSA in sshd but actually they do not and setting any such variables to "NO" or "-b 4096" will not have the expected result if sshd was once ever run before. I think it's important we deprecate those names in favor of clearer ones and add quality description to defaults/rc.conf. Heck, committer, maybe even go ahead and throw a blank line before and after that block of sshd_ lines please since it's now 13 lines instead of 3. Thanks greatly for your time and consideration. Let me know if I should add a patch for man rc.conf(5) as well and I will go figure out how to work the mandoc or nroff or troff or whatever. I am hoping perhaps someone can lead me by copying my comments in this new defaults/rc.conf into man rc.conf(5) as well or tell me how that's done neatly. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
