Created attachment 201688 [details]
Patch file generated with svn diff
The option Protocol is now obsolete.
The value of Protocol in ssh_config has indeed been changed from 2,1 to 2 but that option was deleted thereafter, when support of SSH protocol version 1 was eventually dropped.
No functional change (obsolete option was mentioned in a comment)
I just wrote to the OpenSSH developers' public list with a reference to this problem report.
Applied upstream, will appear in release 8.0.
FreeBSD base system openssh updated in:
commit 19261079b74319502c6ffa1249920079f0f69a72 (HEAD -> main, freebsd/main)
Merge: c5128c48df3c 66719ee573ac
Author: Ed Maste <emaste@FreeBSD.org>
Date: Tue Sep 7 21:05:51 2021 -0400
openssh: update to OpenSSH v8.7p1
Some notable changes, from upstream's release notes:
- sshd(8): Remove support for obsolete "host/port" syntax.
- ssh(1): When prompting whether to record a new host key, accept the key
fingerprint as a synonym for "yes".
- ssh-keygen(1): when acting as a CA and signing certificates with an RSA
key, default to using the rsa-sha2-512 signature algorithm.
- ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
(RSA/SHA1) algorithm from those accepted for certificate signatures.
- ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F
support to provide address-space isolation for token middleware
libraries (including the internal one).
- ssh(1): this release enables UpdateHostkeys by default subject to some
- scp(1): this release changes the behaviour of remote to remote copies
(e.g. "scp host-a:/path host-b:") to transfer through the local host
- scp(1): experimental support for transfers using the SFTP protocol as
a replacement for the venerable SCP/RCP protocol that it has
Additional integration work is needed to support FIDO/U2F in the base
OpenSSH will disable the ssh-rsa signature scheme by default in the
Reviewed by: imp
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29985