search for: blake2b512

Hi, So my Debian machines are all using the follow cipher + digest: Cipher = chacha20-poly1305 Digest = blake2b512 However my OpenWRT router does not have chacha20-poly1305 and blake2b512 in its SSL library, so it uses the following: Cipher = aes-128-cbc Digest = sha512 I am a bit surprised that the router's tinc manages to talk to Debian's tinc, when I set a cipher suite that the router's SSL li...

On Thu, 7 Nov 2024 at 07:55, Chris Rapier <rapier at psc.edu> wrote: >[...]I had been using > Blake2b512 for the hashing algorithm but I want to put in a path to use > xxhash instead. Maintaining backward compatibility means I need to know > something about the remote. In the case of sftp at least, that sounds like a function of the sftp-server not sshd, in which case could you advertise the ca...

On Fri, 8 Nov 2024 at 03:16, Darren Tucker <dtucker at dtucker.net> wrote: > > On Thu, 7 Nov 2024 at 07:55, Chris Rapier <rapier at psc.edu> wrote: > >[...]I had been using > > Blake2b512 for the hashing algorithm but I want to put in a path to use > > xxhash instead. Maintaining backward compatibility means I need to know > > something about the remote. Could you use the already (draft) specified sftp check-file extension[1] for this? It takes a comma separated list o...

...similar to rsync in that we use hashes to determine if the file fragment (assuming that the transfer cut out mid-file) is identical to the corresponding fragment on the source side. If it is then we start the transfer from the last received byte and append to the destination. I had been using Blake2b512 for the hashing algorithm but I want to put in a path to use xxhash instead. Maintaining backward compatibility means I need to know something about the remote. Hence, the question. I think I have an idea that might work but it's hacky. Alternatively, I can just break compatibility as I am...

...rsa rsautl s_client s_server s_time sess_id smime speed spkac srp storeutl ts verify version x509 Message Digest commands (see the `dgst' command for more details) blake2b512 blake2s256 gost md4 md5 rmd160 sha1 sha224 sha256 sha3-224 sha3-256 sha3-384 sha3-512 sha384 sha512 sha512-224 sha512-256 shake128 shake256 sm3 Ciph...

Hello everybody, Thank you Fufu Fang for your quick reply: With tinc version 1.0.35 and the bellow options at 100% CPu load i get about 10 MB/s... PMTU = 1400 PMTUDiscovery = yes #Cipher = none Cipher = chacha20-poly1305 Digest = blake2b512 Tried Cipher = none as well and also got 10MB/s with 100% CPU on one thread the other three available threads are idle. With inc_1.1~pre17-1.1_amd64.deb and libssl1.1:amd64 1.1.1d-0+deb10u2 I get the following error: Apr 04 19:03:19 officelink01 tincd[522]: Error while decrypting: error:060A7...

On Wed, 6 Nov 2024, Chris Rapier wrote: > I think I know the answer to this (which would be that you can't) but is there > any not entirely insane way to get the ssh->compat information back to either > scp or sftp? There's no way at present. > I'm doing some extensions on scp (and eventually sftp) and having remote > version or capability information would be