Created attachment 905159 [details, diff] Add dsa-keys USE flag. As of OpenSSH 9.8, DSA keys support is enabled via an optional compile flag. Even though DSA keys are being phased out and are expected to be completely removed from OpenSSH in early 2025, some people still connect to old servers. It's only a matter of adding `--enable-dsa-keys` to `configure`, as described in https://www.openssh.com/releasenotes.html Attaching a trivial patch to current `=net-libs/openssh-9.8_p1-r2` that adds a `dsa-keys` use flag.
Yeah, I was planning on doing this before and didn't end up forgetting. I think it's reasonable.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0147b4dd59f9f653bada12ce3474c54df49030ad commit 0147b4dd59f9f653bada12ce3474c54df49030ad Author: Sam James <sam@gentoo.org> AuthorDate: 2024-10-29 00:59:32 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-10-29 01:06:01 +0000 net-misc/openssh: add 9.9_p1 * Add a patch from master for slow X forwarding (bug #929191) with the default-on ObscureKeystrokeTiming feature. * Pull in various patches from upstream's stable branch (V_9_9) and add a note to the ebuild about checking it, see https://marc.info/?l=openssh-unix-dev&m=172723798122122&w=2. * Add USE=legacy-ciphers (bug #941255) to support DSA keys. I'll probably backport this to 9.8 too. Bug: https://bugs.gentoo.org/929191 Closes: https://bugs.gentoo.org/940250 Closes: https://bugs.gentoo.org/941255 Signed-off-by: Sam James <sam@gentoo.org> net-misc/openssh/Manifest | 2 + .../files/9.9_p1/0001-fix-utmpx-ifdef.patch | 39 ++ ...build-construct_utmp-when-USE_BTMP-is-set.patch | 40 ++ .../9.9_p1/0003-gss-serv.c-needs-sys-param.h.patch | 30 ++ ...x-regression-introduced-when-I-switched-t.patch | 296 ++++++++++++++ ...x-previous-change-to-ssh_config-Match-whi.patch | 70 ++++ ...x-ML-KEM768x25519-KEX-on-big-endian-syste.patch | 99 +++++ ...0007-upstream-explicitly-include-endian.h.patch | 37 ++ ...-htole64-etc-for-systems-without-endian.h.patch | 66 +++ .../files/openssh-9.9_p1-x-forwarding-slow.patch | 66 +++ net-misc/openssh/metadata.xml | 5 + net-misc/openssh/openssh-9.9_p1.ebuild | 442 +++++++++++++++++++++ 12 files changed, 1192 insertions(+)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bc6963031680ce2ceae0e2c66e47fcf3b380e938 commit bc6963031680ce2ceae0e2c66e47fcf3b380e938 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-10-29 01:08:06 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-10-29 01:08:06 +0000 net-misc/openssh: backport USE=legacy-ciphers for DSA to 9.8_p1-r3 Closes: https://bugs.gentoo.org/941255 Signed-off-by: Sam James <sam@gentoo.org> net-misc/openssh/openssh-9.8_p1-r3.ebuild | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
