bugzilla-daemon at bugzilla.mindrot.org
2016-Jan-19 07:49 UTC
[Bug 2527] New: default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527
Bug ID: 2527
Summary: default algorithms mismatch between man pages and
myproposal.h
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
Reporter: i at f2light.com
DEFAULT ALGORITHMs in man pages of ssh_config(5) and sshd_config(5)
differ with what openssh actually take.
NOTE: the following diff-style sections have the last algorithm ends
with ",". It's only for getting pretty diff result.
KEX_SERVER_MAC: sshd_config(5) didn't tell me hmac-sha1-etm at openssh.com
and hman-sha1 is taken by default.
--- DOCUMENT_SERVER_MAC
+++ CODE_SERVER_MAC
umac-64-etm at openssh.com,
umac-128-etm at openssh.com,
hmac-sha2-256-etm at openssh.com,
hmac-sha2-512-etm at openssh.com,
+hmac-sha1-etm at openssh.com,
umac-64 at openssh.com,
umac-128 at openssh.com,
hmac-sha2-256,
hmac-sha2-512,
+hmac-sha1,
KEX_CLIENT_ENCRYPT: rijndael-cbc at lysator.liu.se is missing in
ssh_config(5).
--- DOCUMENT_CLIENT_ENCRYPT
+++ CODE_CLIENT_ENCRYPT
chacha20-poly1305 at openssh.com,
aes128-ctr,
aes192-ctr,
aes256-ctr,
aes128-gcm at openssh.com,
aes256-gcm at openssh.com,
arcfour256,
arcfour128,
aes128-cbc,
3des-cbc,
blowfish-cbc,
cast128-cbc,
aes192-cbc,
aes256-cbc,
arcfour,
+rijndael-cbc at lysator.liu.se,
KEX_CLIENT_MAC: hmac-sha1 series has higher priority than them in
ssh_config(5), and hmac-ripemd160 at openssh.com is removed. (Probably
it's just an alias to hmac-ripemd160?)
--- DOCUMENT_CLIENT_MAC
+++ CODE_CLIENT_MAC
umac-64-etm at openssh.com,
umac-128-etm at openssh.com,
hmac-sha2-256-etm at openssh.com,
hmac-sha2-512-etm at openssh.com,
+hmac-sha1-etm at openssh.com,
umac-64 at openssh.com,
umac-128 at openssh.com,
hmac-sha2-256,
hmac-sha2-512,
+hmac-sha1,
hmac-md5-etm at openssh.com,
-hmac-sha1-etm at openssh.com,
hmac-ripemd160-etm at openssh.com,
hmac-sha1-96-etm at openssh.com,
hmac-md5-96-etm at openssh.com,
hmac-md5,
-hmac-sha1,
hmac-ripemd160,
-hmac-ripemd160 at openssh.com,
hmac-sha1-96,
hmac-md5-96,
P.S.: KEX_SERVER_KEX, KEX_CLIENT_KEX, KEX_DEFAULT_PK_ALG,
KEX_SERVER_ENCRYPT are correct.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Feb-11 02:57 UTC
[Bug 2527] default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |2451
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Thanks, there were a couple more changes since we introduced RSA/SHA2
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2451
[Bug 2451] Bugs intended to be fixed in 7.2
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2527] default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.