nistp256 preferred over ed25519
Fedor Brunner
fedor.brunner at azet.sk
Thu Apr 10 22:39:34 EST 2014
Hello,
Maybe I'm asking an already answered question, if yes I'm sorry to
bother you.
Why in default HostKeyAlgorithms settings is
ecdsa-sha2-nistp256-cert-v01 at openssh.com preferred over
ssh-ed25519-cert-v01 at openssh.com ?
For example in default settings for KexAlgorithms the
curve25519-sha256 at libssh.org is preferred over ecdh-sha2-nistp256.
Fedor
Defaults in openssh-6.6p1
HostKeyAlgorithms
ecdsa-sha2-nistp256-cert-v01 at openssh.com,
ecdsa-sha2-nistp384-cert-v01 at openssh.com,
ecdsa-sha2-nistp521-cert-v01 at openssh.com,
ssh-ed25519-cert-v01 at openssh.com,
ssh-rsa-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,
ssh-rsa-cert-v00 at openssh.com,ssh-dss-cert-v00 at openssh.com,
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
ssh-ed25519,ssh-rsa,ssh-dss
KexAlgorithms
curve25519-sha256 at libssh.org,
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,
diffie-hellman-group1-sha1
More information about the openssh-unix-dev
mailing list