Call for testing: OpenSSH 6.7

Iain Morgan imorgan at
Wed Aug 20 07:13:44 EST 2014

On Mon, Aug 18, 2014 at 11:23:41 +1000, Damien Miller wrote:
> Potentially-incompatible changes
>  * sshd(8): The default set of ciphers and MACs has been altered to
>    remove unsafe algorithms. In particular, CBC ciphers and arcfour*
>    are disabled by default.

Is this really true? I just ran "$PWD/sshd -f /dev/null -T" in my build
directory, and it lists the full set of ciphers -- not the trimmed-down
default list indicated in sshd_config(5).

Iain Morgan

More information about the openssh-unix-dev mailing list