From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <anrdaemon@yandex.ru>
Received: from forward106j.mail.yandex.net (forward106j.mail.yandex.net
 [IPv6:2a02:6b8:0:801:2::109])
 by sourceware.org (Postfix) with ESMTPS id ADD39385701E
 for <cygwin@cygwin.com>; Thu, 12 Nov 2020 18:05:02 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org ADD39385701E
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=yandex.ru
Authentication-Results: sourceware.org;
 spf=pass smtp.mailfrom=anrdaemon@yandex.ru
Received: from mxback15o.mail.yandex.net (mxback15o.mail.yandex.net
 [IPv6:2a02:6b8:0:1a2d::66])
 by forward106j.mail.yandex.net (Yandex) with ESMTP id D778211A0807;
 Thu, 12 Nov 2020 21:05:00 +0300 (MSK)
Received: from myt5-aad1beefab42.qloud-c.yandex.net
 (myt5-aad1beefab42.qloud-c.yandex.net [2a02:6b8:c12:128:0:640:aad1:beef])
 by mxback15o.mail.yandex.net (mxback/Yandex) with ESMTP id vqfyrjxd7h-500mdq5Q;
 Thu, 12 Nov 2020 21:05:00 +0300
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
 t=1605204300; bh=BuiPJRMbMpFocwLyfySuPdgd1RGZfqO0bCg5Kp0/qtI=;
 h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date;
 b=MU1EYZtPbGeUn+kjUI9C7mfWMjJ80xVMvLjykIapBohchr/kgBiTqmW012NDSxaRn
 rj5IVRWaJ8O+TJaKlsZamU4cxu+vMvUEKk2S/Cx6g9C8UG2tYXOtbR8MoXWaQzDW7J
 X1Zeac5WiKhlXNjgXp5FXL2ctHP21nLZmo8zTcoE=
Authentication-Results: mxback15o.mail.yandex.net;
 dkim=pass header.i=@yandex.ru
Received: by myt5-aad1beefab42.qloud-c.yandex.net (smtp/Yandex) with ESMTPSA
 id EZTy9LlYc8-50mG6oKA; Thu, 12 Nov 2020 21:05:00 +0300
 (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (Client certificate not present)
Received: from [192.168.1.10] (HELO daemon2.darkdragon.lan)
 by daemon2 (Office Mail Server 0.8.12 build 08053101) with SMTP;
 Thu, 12 Nov 2020 17:53:34 -0000
Date: Thu, 12 Nov 2020 20:53:34 +0300
From: Andrey Repin <anrdaemon@yandex.ru>
X-Mailer: The Bat! (v6.8.8) Home
Reply-To: cygwin@cygwin.com
X-Priority: 3 (Normal)
Message-ID: <1833090211.20201112205334@yandex.ru>
To: Sudhanshu Bhutani <anshbhutani@gmail.com>, cygwin@cygwin.com
Subject: Re: Regarding openssh 8.1p1-1 access
In-Reply-To: <CAJh6wzsEYf4G75QeBf2J18zaw-W5d_8F2mNJaHgJjHr0Qc0Jgg@mail.gmail.com>
References: <CAJh6wzvH76FHO5S4QEKFAU=75_UiTeCK8MaqRGM13GBf8NpH3Q@mail.gmail.com> 
 <a812c96a-5f24-cd91-9830-b2bd1427f62a@SystematicSw.ab.ca>
 <CAJh6wzssyObRovM6LV6iz2GTHndbBxReKKqECU_XW5q8Ai87EA@mail.gmail.com>
 <CAJh6wzsNQ2y_GYA_R87SWKLavB04P78X7pSgkNqVm_iCVLm41g@mail.gmail.com>
 <319918437.20201111135657@yandex.ru>
 <CAJh6wzsEYf4G75QeBf2J18zaw-W5d_8F2mNJaHgJjHr0Qc0Jgg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, KAM_THEBAT,
 NICE_REPLY_A, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=no autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2020 18:05:05 -0000

Greetings, Sudhanshu Bhutani!

>> Greetings, Sudhanshu Bhutani!
>>
>> > On Tue, Nov 10, 2020 at 6:14 PM Sudhanshu Bhutani wrote:
>>
>> >> Thank you Brian and Mike. We will see if cygwin time machine owners can
>> >> help us.
>> >> http://www.crouchingtigerhiddenfruitbat.org/Cygwin/timemachine.html
>> >>
>> >> I will try contacting - doctor@fruitbat.org - PETER CASTRO for any
>> help.
>> >>
>>
>> > One more approach - i was thinking was - can we package/include the
>> > complete cygwin already [which already has older openssh version in bin
>> > folder] installed folder to our tool exe without any modification?
>> > Does it involve any violations for Cygwin GPLv3? Do we need to include
>> > source code as well? Or can re-distributing an already created cygwin
>> > folder can be done with freedom without any issues?
>>
>> You can provide a private mirror of your own as suggested, which would be a
>> more future-proof way, but really you should investigate the cause of the
>> failing SSH behavior and fix THAT.
>> I suspect the fix would be way easier than setting up and maintaining a
>> whole
>> mirror.
>>
>>
> Thanks for your reply, we are going to retire our platform that uses ssh
> client of old times in next 4 months, which is not supporting updated
> ciphers/updated in openssh 8.2 versions. As cygwin is only supporting
> updated binaries from openssh and not listing older versions, hence the
> issue is appearing on the platform where old ssh client is deployed.
> Unfortunately, the platform lives with customer and we dont have any way to
> update obsolete platform. Hence, i was thinking for work around on this
> platform for next 4-6 months, to re-distribute already installed cygwin
> folder to customer from which our tool can use older ssh client.

I have an urge to call the b-word.

> Does it involve gplv3 violations or any legal challenge? Appreciate your
> response.

Newer OpenSSH do support old ciphers, but they needs to be explicitly enabled
in config.
See https://www.openssh.com/legacy.html


-- 
With best regards,
Andrey Repin
Thursday, November 12, 2020 20:09:31

Sorry for my terrible english...