OpenSSH security advisory: cbc.adv

Lutz Jaenicke lutz at
Thu Nov 27 19:06:00 EST 2008

Damien Miller wrote:
> OpenSSH Security Advisory: cbc.adv
> [text deleted]
> AES CTR mode and arcfour ciphers are not vulnerable to this attack at
> all. These may be preferentially selected by placing the following
> directive in sshd_config and ssh_config:
> Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc

I have been reading the documentation and had a look into the source
but finally did not manage to understand the selection method.
(For SSL it is the server that selects "based on the clients preferences"
which means that depending on the server settings the client's or the
server's preference will be used.)
Where can I find respective documentation (or the location in the source
to find out myself :-)

Best regards,

More information about the openssh-unix-dev mailing list