[kdeconnect] [Bug 443155] kdeconnect breaks when openssh is upgraded to version 8.8p1-1

Aleksandar Kostadinov Wed, 24 Nov 2021 07:32:17 -0800

https://bugs.kde.org/show_bug.cgi?id=443155


Aleksandar Kostadinov <akostadi...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |akostadi...@gmail.com

--- Comment #16 from Aleksandar Kostadinov <akostadi...@gmail.com> ---
I see a commit allowing `ssh-rsa` algorithm [1]. I think this is insecure.
Where is the problem actually? In kdeconnect android app that it uses old SSH
server/client or in client machine using old SSH server/client?

I think that if insecure algorithms are to be enabled, that should be an in-app
question. Not just allowing old insecure stuff.

And user should be informed whether the problem comes from not updated android
app or from not updated ssh client on user's machine.

[1]
https://invent.kde.org/network/kdeconnect-kde/-/commit/460eb70a81f13955f2ff32f38178c79695cb7413

-- 
You are receiving this mail because:
You are watching all bug changes.

[kdeconnect] [Bug 443155] kdeconnect breaks when openssh is upgraded to version 8.8p1-1

Reply via email to