From e8001d4820bb9d292695bcb8c5f20c04f2f17d61 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 21 Feb 2009 12:45:02 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2009/02/17 01:28:32 [ssh_config] sync with revised default ciphers; pointed out by dkrause@ --- ChangeLog | 8 +++++++- ssh_config | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index da9e201b8..a659a62a3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +20090221 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2009/02/17 01:28:32 + [ssh_config] + sync with revised default ciphers; pointed out by dkrause@ + 20090216 - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh] [regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled @@ -5171,5 +5177,5 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.5197 2009/02/16 04:37:03 djm Exp $ +$Id: ChangeLog,v 1.5198 2009/02/21 01:45:02 djm Exp $ diff --git a/ssh_config b/ssh_config index ef5a73f7d..f28d59583 100644 --- a/ssh_config +++ b/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.24 2008/07/25 06:56:35 grunk Exp $ +# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -37,7 +37,7 @@ # Port 22 # Protocol 2,1 # Cipher 3des -# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc +# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc # MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 # EscapeChar ~ # Tunnel no