Displaying 2 results from an estimated 2 matches for "cc20".
Did you mean:
cc0
2023 Jun 10
1
Question About Dynamic Remote Forwarding
On Fri, 9 Jun 2023, Chris Rapier wrote:
> Hi all,
>
> When a client requests dynamic remote forwarding with -R it delays forking
> into the background. In ssh.c we see
>
> if (options.fork_after_authentication) {
> if (options.exit_on_forward_failure &&
> options.num_remote_forwards > 0) {
> debug("deferring postauth fork until
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
...so it will be resistant against terrapin even without the strict-kex.
>
> Consequently the hmac-etmv2 at openssh.com mode could be deviced in a similar manner, to
> also include the transcript hash or similar things.
>
> The impact of removing the only "alternative" cipher cc20p1305 because of terrapin hardening as well
> as falling back to the old eam-macs is really bad for ssh best practice. And while "enforce strict-key"
> could gain some of the trust back, the attack also shows, that those constructs are just very fragile.
>
> And while a redesig...