Created attachment 203630 [details]
Update to 5.2.0
A new release of security/rubygem-net-ssh is available (5.2.0).
The attached patch add a pkg-message entry to inform end-users about net-ssh not validating ssh keys the same way as OpenSSH itself and leading to authentication failures; and include a workaround for this issue.
The issue is expected to vanish with the removal of the extra checks which are planned for a future major release.
The patch looks good to me.
Did you test all dependent ports? I checked some and noticed that sysutils/vagrant requires "net-ssh ~> 5.1.0".
Good catch: I only tested this through poudriere with the packages I am using…
Do you think we should ask for an exp-run?
The dependent ports are:
It seems sysutils/vagrant is the only one needs gemspec patch.
net-ssh is using semver (at least, 3.0.0 entry in the ChangeLog says so), vagrant requests "~> 5.1.0", so I guess this cna be changed to "~> 5.1" without causing any issue. I am starting a build of vagrant with such a change and will report back.
Created attachment 203995 [details]
Patch for vragrant
It looks like we have to patch vagrant: with the attached patch, I am able to `vagrant up` and `vagrant ssh` into a box.
security/rubygem-net-ssh is already version 6. Is this patch still relevant?
(In reply to Mateusz Piotrowski from comment #7)
I just checked, it seems to be good. I completely forgot about this PR and failed to follow-up, sorry about this and thanks for the heads-up!