[BUG] Harmonize man pages (OpenSSH 6.9)
mancha
mancha1 at zoho.com
Thu Jul 2 10:09:06 AEST 2015
Hi.
The man pages for ssh_config and sshd_config don't reflect that
chacha20-poly1305 at openssh.com is now preferred over the AES family and
others.
This issue was reported by Kevin Korb on freenode's #openssh.
Attached patch fixes.
--mancha
-------------- next part --------------
From 1a8997883510ac845133e97f4e942c48d7c5b6b0 Mon Sep 17 00:00:00 2001
From: mancha security <mancha1 at zoho.com>
Date: Thu, 2 Jul 2015 00:01:20 +0000
Subject: [PATCH] Update man pages (ssh_config and sshd_config)
Reflect that chacha20-poly1305 at openssh.com has been promoted to
default cipher. Thanks to Kevin Korb for report.
---
ssh_config.5 | 2 +-
sshd_config.5 | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/ssh_config.5 b/ssh_config.5
index 268a627..76a8263 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -410,9 +410,9 @@ chacha20-poly1305 at openssh.com
.Pp
The default is:
.Bd -literal -offset indent
+chacha20-poly1305 at openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
aes128-gcm at openssh.com,aes256-gcm at openssh.com,
-chacha20-poly1305 at openssh.com,
arcfour256,arcfour128,
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
aes192-cbc,aes256-cbc,arcfour
diff --git a/sshd_config.5 b/sshd_config.5
index 5ab4318..a3fcec0 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -471,9 +471,9 @@ chacha20-poly1305 at openssh.com
.Pp
The default is:
.Bd -literal -offset indent
+chacha20-poly1305 at openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm at openssh.com,aes256-gcm at openssh.com,
-chacha20-poly1305 at openssh.com
+aes128-gcm at openssh.com,aes256-gcm at openssh.com
.Ed
.Pp
The list of available ciphers may also be obtained using the
--
2.1.4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150702/38962d67/attachment-0001.bin>
More information about the openssh-unix-dev
mailing list