Deprecated options when restarting openssh in Stretch
In the current Stretch update, openssh
version changed from 7.3 to 7.4, released on 2016-Dec-19.
As it can be inferred from the Release notes, and from @Jakuje comments, OpenSSH maintainers have removed the corresponding configuration options for good, as they are obsolete.
So the lines can be safely removed.
Also, take head of:
Future deprecation notice
We plan on retiring more legacy cryptography in future releases, specifically:
In approximately August 2017, removing remaining support for the
SSH v.1 protocol (client-only and currently compile-time disabled).In the same release, removing support for Blowfish and RC4 ciphers and the RIPE-MD160 HMAC. (These are currently run-time disabled).
Refusing all RSA keys smaller than 1024 bits (the current minimum
is 768 bits)The next release of OpenSSH will remove support for running sshd(8) with privilege separation disabled.
The next release of portable OpenSSH will remove support for
OpenSSL version prior to 1.0.1.
You can remove deprecated configuration lines with this:
sed -i '/KeyRegenerationInterval/d' /etc/ssh/sshd_config
sed -i '/ServerKeyBits/d' /etc/ssh/sshd_config
sed -i '/RSAAuthentication/d' /etc/ssh/sshd_config
sed -i '/RhostsRSAAuthentication/d' /etc/ssh/sshd_config
sed -i '/UsePrivilegeSeparation/d' /etc/ssh/sshd_config
And restart SSH daemon: systemctl restart sshd