From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id CBFEB1FF17A for ; Fri, 4 Jul 2025 20:23:40 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 12F433E21E; Fri, 4 Jul 2025 20:24:18 +0200 (CEST) From: Daniel Kral To: pve-devel@lists.proxmox.com Date: Fri, 4 Jul 2025 20:23:34 +0200 Message-Id: <20250704182336.469274-1-d.kral@proxmox.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.097 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.218 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH container v2 1/3] setup: remove deprecated dsa from ssh host key generation X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" OpenSSH 10.0 removes support for the DSA signature algorithm [0], which is the base version that will be shipped for Debian 13 trixie. Since it has been marked deprecated for some time and generating DSA signatures with OpenSSH 10.0 will fail, remove it. [0] https://www.openssh.com/txt/release-10.0 [1] https://www.debian.org/releases/trixie/release-notes/whats-new.en.html Signed-off-by: Daniel Kral --- src/PVE/LXC/Setup/Base.pm | 1 - 1 file changed, 1 deletion(-) diff --git a/src/PVE/LXC/Setup/Base.pm b/src/PVE/LXC/Setup/Base.pm index 6bdfb8d..dbfc775 100644 --- a/src/PVE/LXC/Setup/Base.pm +++ b/src/PVE/LXC/Setup/Base.pm @@ -646,7 +646,6 @@ sub ssh_host_key_types_to_generate { return { rsa => 'ssh_host_rsa_key', - dsa => 'ssh_host_dsa_key', ecdsa => 'ssh_host_ecdsa_key', ed25519 => 'ssh_host_ed25519_key', }; -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel