https://bugs.kde.org/show_bug.cgi?id=400340

            Bug ID: 400340
           Summary: Deprecate/remove DSS used for sftp
           Product: kdeconnect
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: android-application
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

DSS certs have been deprecated in OpenSSH in 2015(!). With reason, obviously!

As such it is more than time to move away.

Things you may do:
* show an error/warning when old DSS clients are used and advice the user to
upgrade
* remove it entirely in the future

There is no way around it. In the shorter or longer time you have to remove it.
At some point of time you really need to show a warning for "insecure
connection" ("legacy connection" or so) as to make users aware that some
component/device needs to be upgraded.
Of course this requires that RSA support is present in all KDE Connect
implementations.

I've heard the last thing is the case for Android Oreo+ devices, so obviously
the old ones also need to be supported. As such I assign this to the Android
component, but you may thread this as a general request.

Same issue in GSConnect:
https://github.com/andyholmes/gnome-shell-extension-gsconnect/issues/267

---

BTW, as you already use TLS the other solution would obviously to switch to
FTPS… don't know though why SFTP was chosen in the past.

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to