[Bug 1801] cipher_spec section of ssh man page needs update
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Thu Jul 22 15:56:23 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1801
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #1 from Darren Tucker <dtucker at zip.com.au> ---
Quoting it in full:
" -c cipher_spec
Selects the cipher specification for encrypting the session.
Protocol version 1 allows specification of a single cipher. The
supported values are ``3des'', ``blowfish'', and ``des''. 3des
(triple-des) is an encrypt-decrypt-encrypt triple with three
different keys. It is believed to be secure. blowfish is a fast
block cipher; it appears very secure and is much faster than
3des. des is only supported in the ssh client for
interoperability with legacy protocol 1 implementations that do
not support the 3des cipher. Its use is strongly discouraged due
to cryptographic weaknesses. The default is ``3des''.
For protocol version 2, cipher_spec is a comma-separated list of
ciphers listed in order of preference. See the Ciphers keyword
for more information."
There's 2 paragraphs: the first describes version 1 of the protocol for
which the default *is* 3des. The default cipher list for protocol 2
list listed in ssh_config(5):
"Ciphers
Specifies the ciphers allowed for protocol version 2 in order of
preference. Multiple ciphers must be comma-separated. The sup-
ported ciphers are "3des-cbc", "aes128-cbc", "aes192-cbc",
"aes256-cbc", "aes128-ctr", "aes192-ctr", "aes256-ctr",
"arcfour128", "arcfour256", "arcfour", "blowfish-cbc", and
"cast128-cbc". The default is:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
aes256-cbc,arcfour"
The reference in ssh(1) should be a reference to ssh_config(5) though.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list