bugzilla-daemon at bugzilla.mindrot.org
2016-Jan-19 07:49 UTC
[Bug 2527] New: default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527 Bug ID: 2527 Summary: default algorithms mismatch between man pages and myproposal.h Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: Documentation Assignee: unassigned-bugs at mindrot.org Reporter: i at f2light.com DEFAULT ALGORITHMs in man pages of ssh_config(5) and sshd_config(5) differ with what openssh actually take. NOTE: the following diff-style sections have the last algorithm ends with ",". It's only for getting pretty diff result. KEX_SERVER_MAC: sshd_config(5) didn't tell me hmac-sha1-etm at openssh.com and hman-sha1 is taken by default. --- DOCUMENT_SERVER_MAC +++ CODE_SERVER_MAC umac-64-etm at openssh.com, umac-128-etm at openssh.com, hmac-sha2-256-etm at openssh.com, hmac-sha2-512-etm at openssh.com, +hmac-sha1-etm at openssh.com, umac-64 at openssh.com, umac-128 at openssh.com, hmac-sha2-256, hmac-sha2-512, +hmac-sha1, KEX_CLIENT_ENCRYPT: rijndael-cbc at lysator.liu.se is missing in ssh_config(5). --- DOCUMENT_CLIENT_ENCRYPT +++ CODE_CLIENT_ENCRYPT chacha20-poly1305 at openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm at openssh.com, aes256-gcm at openssh.com, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, +rijndael-cbc at lysator.liu.se, KEX_CLIENT_MAC: hmac-sha1 series has higher priority than them in ssh_config(5), and hmac-ripemd160 at openssh.com is removed. (Probably it's just an alias to hmac-ripemd160?) --- DOCUMENT_CLIENT_MAC +++ CODE_CLIENT_MAC umac-64-etm at openssh.com, umac-128-etm at openssh.com, hmac-sha2-256-etm at openssh.com, hmac-sha2-512-etm at openssh.com, +hmac-sha1-etm at openssh.com, umac-64 at openssh.com, umac-128 at openssh.com, hmac-sha2-256, hmac-sha2-512, +hmac-sha1, hmac-md5-etm at openssh.com, -hmac-sha1-etm at openssh.com, hmac-ripemd160-etm at openssh.com, hmac-sha1-96-etm at openssh.com, hmac-md5-96-etm at openssh.com, hmac-md5, -hmac-sha1, hmac-ripemd160, -hmac-ripemd160 at openssh.com, hmac-sha1-96, hmac-md5-96, P.S.: KEX_SERVER_KEX, KEX_CLIENT_KEX, KEX_DEFAULT_PK_ALG, KEX_SERVER_ENCRYPT are correct. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Feb-11 02:57 UTC
[Bug 2527] default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Blocks| |2451 Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Damien Miller <djm at mindrot.org> --- Thanks, there were a couple more changes since we introduced RSA/SHA2 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2451 [Bug 2451] Bugs intended to be fixed in 7.2 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2527] default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.