The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
--- Begin Message ---
Hi Paul,
At the current state, the patch also disables support `ssh-rsa` support, [...]
To clarify this does not remove RSA support, but only the legacy
RSA-SHA1 algorithm. "rsa-sha2-256" is still present in the proposed
default configuration.
Any opinions on how to move forward?
Since "ssh-rsa" has been deprecated in various implementations (e.g.,
OpenSSH 8.2 in 02/2020 [1], and disabled by default in 8.8 in 09/2021
[2]), most users should (hopefully) be aware of it by now and likely
won't notice any difference with any semi-modern client.
(Was anyone using OpenSSH instead of Dropbear ever missed it?)
I would vote for disabling it in Dropbear by default, at least in "main"
for the next release.
Slight personal preference to do this also in case of a 24.10 backport,
but that's a different discussion that may be postponed until after some
feedback.
Cheers,
Stefan
[1] https://www.openssh.com/txt/release-8.2
[2] https://www.openssh.com/txt/release-8.8
--- End Message ---
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
