--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssh/patches/008-deprecate_sunssh_opt.patch	Fri Mar 13 17:05:08 2015 -0700
@@ -0,0 +1,36 @@
+#
+# To make the transition from SunSSH to OpenSSH as smooth as possible, we
+# added SunSSH-only options as deprecated options in OpenSSH. Note that this
+# is an interim enhancement to OpenSSH to make the transition smoother. If a 
+# deprecated SunSSH-only option is migrated to OpenSSH later, then it will be
+# changed from deprecated to supported. Since this is for Solaris only, we will
+# not contribute back this change to the upstream community.
+#
+--- orig/readconf.c	Fri May 23 09:56:00 2014
++++ new/readconf.c	Fri May 23 09:59:57 2014
+@@ -268,6 +268,25 @@
+ 	{ "canonicalizepermittedcnames", oCanonicalizePermittedCNAMEs },
+ 	{ "ignoreunknown", oIgnoreUnknown },
+ 
++#ifdef DEPRECATE_SUNSSH_OPT
++        /*
++         * On Solaris, to make the transition from SunSSH to OpenSSH as smooth
++         * as possible, we will deprecate SunSSH-only options in OpenSSH.
++         * Therefore, on a system that is running OpenSSH with a deprecated
++         * option from the user's config file (~/.ssh/config), the ssh
++         * connection will proceed without the deprecated option. Note that
++         * this is an interim enhancement to OpenSSH to make the transition
++         * smoother.  If a deprecated SunSSH-only option is migrated to OpenSSH
++         * later, then it will be changed from deprecated to supported.
++         */
++        { "gssapikeyexchange", oDeprecated },
++        { "kmfpolicydatabase", oDeprecated },
++        { "kmfpolicyname", oDeprecated },
++        { "trustedanchorkeystore", oDeprecated },
++        { "usefips140", oDeprecated },
++        { "useopensslengine", oDeprecated },
++#endif
++
+ 	{ NULL, oBadOption }
+ };
+