[Bug 2334] New: Warn when weak Ciphers are used

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jan 8 20:37:41 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2334

            Bug ID: 2334
           Summary: Warn when weak Ciphers are used
           Product: Portable OpenSSH
           Version: 6.7p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: thorsten.sick at email.de

Warn the user when the SSH client or server are using weak ciphers. 

This can be done by default, when using -v or on a specific
test-security parameter.

Client and Server settings should be tested.

According to

https://stribika.github.io/2015/01/04/secure-secure-shell.html

Many ciphers (but not all) are either weak or broken. By having an
automatic test in the tools we can improve the settings of the
currently used servers and clients. That would improve the average
security level in a simple anbd efficient way.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list