Key exchange/selection badly broken in SNAP1014? [works]
Pekka Savola
pekkas at netcore.fi
Sat Oct 14 21:06:55 EST 2000
On Sat, 14 Oct 2000, Damien Miller wrote:
> On Sat, 14 Oct 2000, Pekka Savola wrote:
>
> > Hello all,
> >
> > It seems the overhaul on key exchange/selection broke it badly. I
> > haven't managed to use any other encryption method than 3des and
> > blowfish when connecting to SNAP -> SNAP. SNAP -> 2.2.0p1 will use
> > arcfour etc. quite cleanly.
>
> Snap->snap works fine for me:
<snip>
Oh. I see that 'Cipher' only supports 3des/blowfish, while Ciphers is
meant for SSH2 operation. Should there be a note, like, 'This is meant to
be used with SSH1 protocol' on the man page?
There are a few other issues:
1) if you connect using 'ssh otherhost' rather than 'ssh
otherhost.yourdomain', now OpenSSH will add second host key 'otherhost' to
known_hosts2. Before, it wouldn't do that. Is this intentional?
2) 'ssh -h' prints out:
-c cipher Select encryption algorithm: ``3des'', ``blowfish''
I'm not sure if it's better to say check the man page for algorithms or
make a bigger list here. Also, the man page doesn't mention aes or
rijndael.
--
Pekka Savola "Tell me of difficulties surmounted,
Pekka.Savola at netcore.fi not those you stumble over and fall"
More information about the openssh-unix-dev
mailing list