mirror of git://anongit.mindrot.org/openssh.git
- deraadt@cvs.openbsd.org 2001/03/05 15:56:16
[myproposal.h ssh.1] switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster; provos & markus ok
This commit is contained in:
parent
35f1f4e2b8
commit
ec26fb1667
|
@ -6,6 +6,10 @@
|
|||
- stevesk@cvs.openbsd.org 2001/03/05 15:44:51
|
||||
[servconf.c]
|
||||
sync error message; ok markus@
|
||||
- deraadt@cvs.openbsd.org 2001/03/05 15:56:16
|
||||
[myproposal.h ssh.1]
|
||||
switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
|
||||
provos & markus ok
|
||||
|
||||
20010305
|
||||
- (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
|
||||
|
@ -4377,4 +4381,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.910 2001/03/06 01:02:41 mouring Exp $
|
||||
$Id: ChangeLog,v 1.911 2001/03/06 01:05:23 mouring Exp $
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: myproposal.h,v 1.11 2001/02/11 12:59:24 markus Exp $ */
|
||||
/* $OpenBSD: myproposal.h,v 1.12 2001/03/05 15:56:16 deraadt Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
|
@ -26,12 +26,12 @@
|
|||
#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1"
|
||||
#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
|
||||
#define KEX_DEFAULT_ENCRYPT \
|
||||
"3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \
|
||||
"aes128-cbc,aes192-cbc,aes256-cbc," \
|
||||
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \
|
||||
"aes192-cbc,aes256-cbc," \
|
||||
"rijndael128-cbc,rijndael192-cbc,rijndael256-cbc," \
|
||||
"rijndael-cbc@lysator.liu.se"
|
||||
#define KEX_DEFAULT_MAC \
|
||||
"hmac-sha1,hmac-md5,hmac-ripemd160," \
|
||||
"hmac-md5,hmac-sha1,hmac-ripemd160," \
|
||||
"hmac-ripemd160@openssh.com," \
|
||||
"hmac-sha1-96,hmac-md5-96"
|
||||
#define KEX_DEFAULT_COMP "none,zlib"
|
||||
|
|
8
ssh.1
8
ssh.1
|
@ -34,7 +34,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh.1,v 1.93 2001/03/02 18:54:31 deraadt Exp $
|
||||
.\" $OpenBSD: ssh.1,v 1.94 2001/03/05 15:56:16 deraadt Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSH 1
|
||||
.Os
|
||||
|
@ -228,7 +228,7 @@ S/Key authentication.
|
|||
.Pp
|
||||
Protocol 2 provides additional mechanisms for confidentiality
|
||||
(the traffic is encrypted using 3DES, Blowfish, CAST128 or Arcfour)
|
||||
and integrity (hmac-sha1, hmac-md5).
|
||||
and integrity (hmac-md5, hmac-sha1).
|
||||
Note that protocol 1 lacks a strong mechanism for ensuring the
|
||||
integrity of the connection.
|
||||
.Pp
|
||||
|
@ -667,7 +667,7 @@ Multiple ciphers must be comma-separated.
|
|||
The default is
|
||||
.Pp
|
||||
.Bd -literal
|
||||
``3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,
|
||||
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
|
||||
aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,
|
||||
rijndael256-cbc,rijndael-cbc@lysator.liu.se''
|
||||
.Ed
|
||||
|
@ -831,7 +831,7 @@ Multiple algorithms must be comma-separated.
|
|||
The default is
|
||||
.Pp
|
||||
.Bd -literal
|
||||
``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,
|
||||
``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,
|
||||
hmac-sha1-96,hmac-md5-96''
|
||||
.Ed
|
||||
.It Cm NumberOfPasswordPrompts
|
||||
|
|
Loading…
Reference in New Issue