--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssh/patches/008-deprecate_sunssh_opt.patch Fri Mar 13 17:05:08 2015 -0700
@@ -0,0 +1,36 @@
+#
+# To make the transition from SunSSH to OpenSSH as smooth as possible, we
+# added SunSSH-only options as deprecated options in OpenSSH. Note that this
+# is an interim enhancement to OpenSSH to make the transition smoother. If a
+# deprecated SunSSH-only option is migrated to OpenSSH later, then it will be
+# changed from deprecated to supported. Since this is for Solaris only, we will
+# not contribute back this change to the upstream community.
+#
+--- orig/readconf.c Fri May 23 09:56:00 2014
++++ new/readconf.c Fri May 23 09:59:57 2014
+@@ -268,6 +268,25 @@
+ { "canonicalizepermittedcnames", oCanonicalizePermittedCNAMEs },
+ { "ignoreunknown", oIgnoreUnknown },
+
++#ifdef DEPRECATE_SUNSSH_OPT
++ /*
++ * On Solaris, to make the transition from SunSSH to OpenSSH as smooth
++ * as possible, we will deprecate SunSSH-only options in OpenSSH.
++ * Therefore, on a system that is running OpenSSH with a deprecated
++ * option from the user's config file (~/.ssh/config), the ssh
++ * connection will proceed without the deprecated option. Note that
++ * this is an interim enhancement to OpenSSH to make the transition
++ * smoother. If a deprecated SunSSH-only option is migrated to OpenSSH
++ * later, then it will be changed from deprecated to supported.
++ */
++ { "gssapikeyexchange", oDeprecated },
++ { "kmfpolicydatabase", oDeprecated },
++ { "kmfpolicyname", oDeprecated },
++ { "trustedanchorkeystore", oDeprecated },
++ { "usefips140", oDeprecated },
++ { "useopensslengine", oDeprecated },
++#endif
++
+ { NULL, oBadOption }
+ };
+