Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?

To: debian-user@lists.debian.org
Subject: Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
From: Stefan Monnier <monnier@iro.umontreal.ca>
Date: Tue, 06 Jul 2021 17:30:27 -0400
Message-id: <[🔎] jwvsg0rrvtk.fsf-monnier+gmane.linux.debian.user@gnu.org>
References: <[🔎] YOQW4Iuhhk8JAkHE@h5.or.at> <[🔎] 20210706125235.GA18955@connexer.com> <[🔎] jwvh7h7toqo.fsf-monnier+gmane.linux.debian.user@gnu.org> <[🔎] YOSHSMVOdUb7MwwL@einval.com> <[🔎] jwv4kd7tm1s.fsf-monnier+gmane.linux.debian.user@gnu.org> <[🔎] 63165f5c-de81-11eb-9b6a-00163eeb5320@msgid.mathom.us> <[🔎] 20210706180511.GA6175@tuxteam.de> <[🔎] 03416ee2-de85-11eb-9b6a-00163eeb5320@msgid.mathom.us> <[🔎] 20210706201844.GB6175@tuxteam.de>

>> It's entirely too common for obsolete encryption options that are
>> kept for "compatibility" end up being a vector for compromise, and
>> entirely reasonable to remove such options in order to provide the
>> most secure and maintainable tool for the vast majority of users.
> That's the attitude of authoritarian software: "my software is smarter
> than you".

I think the reality is a bit more subtle ;-)

In most cases, the real driver is a desire to keep the code simple and
to ease maintenance.  Removal of old, little used, and largely untested
functionality is part of what can be done for that.

>> If you want ancient crypto options, just run an ancient binary.
>> They're very easy to find in archive.debian.org.
> They're not as easy to run as soon as they start being outrun by
> their dependencie's versions, and you perfectly know that.

My experience running old Debian packages of Emacs under Debian testing
is not that bad.  Also, I think that if it's hard to do, it can be
blamed on Debian's package management (which should move towards
something more like NixOS to solve those problems).


        Stefan

Reply to:

Follow-Ups:
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: <tomas@tuxteam.de>

References:
- Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: Ralph Aichinger <ra@pi.h5.or.at>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: Stefan Monnier <monnier@iro.umontreal.ca>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: "Andrew M.A. Cater" <amacater@einval.com>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: Stefan Monnier <monnier@iro.umontreal.ca>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: Michael Stone <mstone@debian.org>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: <tomas@tuxteam.de>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: Michael Stone <mstone@debian.org>
- Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
  - From: <tomas@tuxteam.de>

Prev by Date: Re: Moving dual boot Win10 & Debian 10 system from Legacy to UEFI
Next by Date: Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
Previous by thread: Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
Next by thread: Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
Index(es):
- Date
- Thread