> Le 5 juil. 2025 à 00:08, Tim Small <[email protected]> a écrit : > > > On 04/07/2025 17:33, Thibaut wrote: >> Also does this affect the ssh client as well? This may be more relevant than >> the server side of things: a lot old(er) SSH server implementations only >> offer rsa-sha1 (e.g. off the top of my head, HP iLO 4), so users may lose >> the ability to connect there: this should be advertised. > > I don't know if the proposed change would impact the dropbear ssh client > either, but if it does, then a straightforward workaround to access such > outdated ssh servers via an OpenWrt device, would be to use e.g. OpenSSH on > the users desktop to connect through the OpenWrt device using the OpenSSH > "jump host" feature:
That doesn’t solve the (more likely) use cases where the connection must originate from the OpenWrt device; e.g. for scripting automation. > For those that don't / can't use jumphost, they could always install the > openssh-client package directly on the OpenWrt device instead? That’s a half MB package which pulls libopenssl, a 1+ MB dependency. Regardless, IMHO such a change should at the very least be clearly documented in the release notes, so that users know what to expect. T _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
