OpenSSH security advisory: cbc.adv

Lutz Jaenicke lutz at
Fri Nov 28 09:11:44 EST 2008

Markus Friedl wrote:
> On Thu, Nov 27, 2008 at 09:06:00AM +0100, Lutz Jaenicke wrote:
>> I have been reading the documentation and had a look into the source
>> but finally did not manage to understand the selection method.
>> (For SSL it is the server that selects "based on the clients preferences"

So the modification proposed for the server's cipher config will influence
the ciphers supported but it will not affect the preference in the selection
process. The preference is controlled via the client's configuration
(at least with the current software version)!?

Best regards,

More information about the openssh-unix-dev mailing list