25 Sep
2013
25 Sep
'13
6:19 a.m.
On 2013-09-25 15:23, Trent W. Buck wrote: [...]
PS: for this reason, Debian's OpenSSH server has a CRL^W key revocation list. This is handy -- I blacklist ex-staff's known keys as defense- in-depth.
Except CJ Watson wants to remove the patch, because (presumably) upstream weren't interested, and (totally understandably) maintaining distro-specific patches is a horrible thing and should be avoided where possible. I haven't had time to chat with him about it. :-(
Upstream has its own implemenetaiton of these now: http://lwn.net/Articles/544640/, but I've no idea whether they pulled in Debian's implementation or wrote one from scratch. -- Regards, Matthew Cengia