playing around with removing algos
Cristian Ionescu-Idbohrn
cristian.ionescu-idbohrn at axis.com
Wed May 3 02:17:47 AEST 2017
On Tue, 2 May 2017, Jakub Jelen wrote:
>
> I believe this is expected behavior and limitation of the current behavior.
> The manual page also says
>
> > For each parameter, the first obtained value will be used. [...]
>
> > [...] will be removed *from the default set instead of replacing them*.
>
> Therefore:
> * Only the default set is affected
> * The second Macs option is ignored (because Macs are already set)
Yes. I missed that. Sorry :(
> This might be confusing especially when specifying multiple values and
> improving that would be very nice.
Yes, please.
> I would investigate the debug log with -vvv switches to see what is
> actually offered by server and client.
Alright, I just did:
$ ssh -vvv -oMacs=umac-64 at openssh.com localhost : 2>&1 | egrep -i 'macs|umac'
debug2: MACs ctos: umac-64 at openssh.com
debug2: MACs stoc: umac-64 at openssh.com
debug2: MACs ctos: umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
No error/warning/anything.
I should also mention that this is the Debian packaged openssh 7.5p1.
It applies some 31 patches to the source. I can't tell if they
interfere with the proper behaviour, it doesn't seem so, but I can't
exclude the risc. Colin might.
Cheers,
--
Cristian
More information about the openssh-unix-dev
mailing list