Our company was using the deprecated RC4 encryption algorithm. First Chrome
removed support for it. So I jumped to Firefox for corporate access.
Then that failed as Firefox deprecated it. Rather than power up a VM to
run Windoze (and IE 11, which apparently allowed the deprecated encryption),
I changed a setting in Firefox to use the weak encryption. (Yeah yeah
yeah).
But corporate finally got a newer encryption in place and I am back to
Chrome.
Anyway, I hope Rob's idea is the one that applies.
Chris
-------- Rob 17:40 Thu 18 Feb --------
-------- Original Message --------
Subject: [yoshimi] - RANT -
Local Time: February 18, 2016 8:59 pm
UTC Time: February 18, 2016 8:59 PM
From: willgodfrey@xxxxxxxxxxxxxxx
To: yoshimi@xxxxxxxxxxxxx
Well, with all the crap we're getting with GCC I'm beginning to wonder if I'll
ever be finished with bugfixes for the most unfathomable issues.
I came across yet another one today which seems to be caused by GCC-5, which
is in debian testing :(
Part of the root path ID system suddenly no longer worked. Well to investigate
it properly I had to upgrade my main computer to testing - BIG MISTAKE
Although a found a workaround for the bug, this machine can no longer access
either github OR sourceforge for either pushing or pulling from the
repositories. Somehow the upgrade has screwed up ssh.
Fortunately my laptop is still on jessie, so I was able to install ssh on that
and copy my key files so I could push the latest updates. I am really, really
angry. There was no warning about certificate removals or the like.
If anyone can suggest a way I can get this sorted (other than re-installing
jessie) I'd be very grateful. github gives 'permission denied' and sourceforge
doesn't recognise my password.
--
Will J Godfrey
http://www.musically.me.uk
Say you have a poem and I have a tune.
Exchange them and we can both have a poem, a tune, and a song.
Yoshimi source code is available from either:
http://sourceforge.net/projects/yoshimi
Or: https://github.com/Yoshimi/yoshimi
Our list archive is at: https://www.freelists.org/archive/yoshimi
To post, email to yoshimi@freelists.orbut there was a change
Don't know if this is relevant
from apt-listchanges:
Date: Fri, 11 Dec 2015 00:14:28 +0000 (GMT)
From: root <root@debian>
To: root@debian
Subject: apt-listchanges: news for debian
openssh (1:7.1p1-2) unstable; urgency=medium
OpenSSH 7.0 disables several pieces of weak, legacy, and/or unsafe
cryptography.
* Support for the legacy SSH version 1 protocol is disabled by default at
compile time. Note that this also means that the Cipher keyword in
ssh_config(5) is effectively no longer usable; use Ciphers instead for
protocol 2. The openssh-client-ssh1 package includes "ssh1", "scp1",
and "ssh-keygen1" binaries which you can use if you have no alternative
way to connect to an outdated SSH1-only server; please contact the
server administrator or system vendor in such cases and ask them to
upgrade.
* Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is
disabled by default at run-time. It may be re-enabled using the
instructions at http://www.openssh.com/legacy.html
* Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by
default at run-time. These may be re-enabled using the instructions at
http://www.openssh.com/legacy.html
* Support for the legacy v00 cert format has been removed.
Future releases will retire more legacy cryptography, including:
* Refusing all RSA keys smaller than 1024 bits (the current minimum is
768 bits).
* Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc,
all arcfour variants, and the rijndael-cbc aliases for AES.
* MD5-based HMAC algorithms will be disabled by default.
-- Colin Watson <cjwatson@xxxxxxxxxx> Tue, 08 Dec 2015 15:33:08 +0000
