Update busybox/ssh as ssh-dss has been deprecated due to new vulnerability

Due to vulnerability, DSA Keys (ssh-dss) have been deprecated and disabled in openssh7.0p1 by default, with the recommendation to update. Arch has provided notice.

“OpenSSH 7.0 and greater similarly disables the ssh-dss (DSA) public key algorithm. It too is weak and we recommend against its use. It can be re-enabled using the HostkeyAlgorithms configuration option:”

ssh -oHostKeyAlgorithms=+ssh-dss user@127.0.0.1

I couldn’t find if the latest version of busybox had updated for this, but the latest firmware on the EX4100 is showing openssh 5.0p1

OpenSSH_5.0p1, OpenSSL 1.0.1m 19 Mar 2015

Suggestion to update Openssl to 7.0p1
In the mean time, I will keep my ssh access to this NAS local.

Status: Acknowledge