[Libguestfs] [PATCH v2v] docs: Fix update-crypto-policies command.
Daniel P. Berrangé
berrange at redhat.com
Wed Jan 15 11:03:24 UTC 2020
On Wed, Jan 15, 2020 at 10:57:36AM +0000, Richard W.M. Jones wrote:
> The command as documented was wrong. We need to use the --set option
> to change the policy.
>
> Fixes commit d5cbe7b4bee5dec9e28b1db03e933c97ef6d11e0.
> Thanks: Xiaodai Wang
> ---
> docs/virt-v2v-input-xen.pod | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/docs/virt-v2v-input-xen.pod b/docs/virt-v2v-input-xen.pod
> index bafeabf62..bce0aff45 100644
> --- a/docs/virt-v2v-input-xen.pod
> +++ b/docs/virt-v2v-input-xen.pod
> @@ -36,7 +36,7 @@ to interoperate with RHEL 5 sshd are disabled. To enable them you may
> need to run this command on the conversion server (ie. ssh client),
> but read L<update-crypto-policies(8)> first:
>
> - # update-crypto-policies LEGACY
> + # update-crypto-policies --set LEGACY
Personally I would not be in favour of recommending that people
change their crypto policies host-wide, especially since the
doc is not telling them to set it back to the stronger default
policy later.
If the problem is simply the SSH server, then it ought to be
possible to address this using the "Ciphers" config option
for the SSH client, so that it doesn't weaken crypto for the
entire host.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the Libguestfs
mailing list