OpenSSH DSA keys deprecated in FreeBSD 11
-
https://lists.freebsd.org/pipermail/freebsd-announce/2016-August/001737.html
Since PFSense is going FreeBSD 11 with 2.4, I think, I assume this will also apply here.
-
This is going to bite some people for sure but in all honesty if you are bitten you haven't followed the news in recent years. The DSA public key crypto has been known to be faulty by design for at least four or five years now.
-
We have generated them in a while and we stopped using them completely in 2.3.2. So if you're on 2.3.2 and working fine, you're ahead of the curve.
Only a few people have had issues that we've seen. Most all of them easily solved by a client software upgrade or tweak in the settings.
