[BUG] Harmonize man pages (OpenSSH 6.9)

mancha mancha1 at zoho.com
Thu Jul 2 10:09:06 AEST 2015


Hi.

The man pages for ssh_config and sshd_config don't reflect that
chacha20-poly1305 at openssh.com is now preferred over the AES family and
others.

This issue was reported by Kevin Korb on freenode's #openssh.

Attached patch fixes.

--mancha

-------------- next part --------------
From 1a8997883510ac845133e97f4e942c48d7c5b6b0 Mon Sep 17 00:00:00 2001
From: mancha security <mancha1 at zoho.com>
Date: Thu, 2 Jul 2015 00:01:20 +0000
Subject: [PATCH] Update man pages (ssh_config and sshd_config)

Reflect that chacha20-poly1305 at openssh.com has been promoted to
default cipher. Thanks to Kevin Korb for report.
---
 ssh_config.5  | 2 +-
 sshd_config.5 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ssh_config.5 b/ssh_config.5
index 268a627..76a8263 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -410,9 +410,9 @@ chacha20-poly1305 at openssh.com
 .Pp
 The default is:
 .Bd -literal -offset indent
+chacha20-poly1305 at openssh.com,
 aes128-ctr,aes192-ctr,aes256-ctr,
 aes128-gcm at openssh.com,aes256-gcm at openssh.com,
-chacha20-poly1305 at openssh.com,
 arcfour256,arcfour128,
 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
 aes192-cbc,aes256-cbc,arcfour
diff --git a/sshd_config.5 b/sshd_config.5
index 5ab4318..a3fcec0 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -471,9 +471,9 @@ chacha20-poly1305 at openssh.com
 .Pp
 The default is:
 .Bd -literal -offset indent
+chacha20-poly1305 at openssh.com,
 aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm at openssh.com,aes256-gcm at openssh.com,
-chacha20-poly1305 at openssh.com
+aes128-gcm at openssh.com,aes256-gcm at openssh.com
 .Ed
 .Pp
 The list of available ciphers may also be obtained using the
-- 
2.1.4

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150702/38962d67/attachment-0001.bin>


More information about the openssh-unix-dev mailing list