Strange crypto choices

Yegor Ievlev koops1997 at gmail.com
Sun May 27 02:16:27 AEST 2018


https://man.openbsd.org/ssh_config
If hostkeys are known for the destination host then this default is
modified to prefer their algorithms.

On Sat, May 26, 2018 at 5:54 PM, Stuart Henderson <stu at spacehopper.org> wrote:
> Answering the first part of your mail:
>
> On 2018-05-25, Yegor Ievlev <koops1997 at gmail.com> wrote:
>> The defaults for HostKeyAlgorithms option are:
>>
>> ecdsa-sha2-nistp256-cert-v01 at openssh.com,
>> ecdsa-sha2-nistp384-cert-v01 at openssh.com,
>> ecdsa-sha2-nistp521-cert-v01 at openssh.com,
>> ssh-ed25519-cert-v01 at openssh.com,
>> ssh-rsa-cert-v01 at openssh.com,
>> ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
>> ssh-ed25519,ssh-rsa
>>
>> Why does OpenSSH prefer older and less secure
>> (https://safecurves.cr.yp.to/) ECDSA with NIST curves over Ed25519?
>
> Changing HostKeyAlgorithms means that the existing entries in known_hosts
> don't match, so the "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED"
> message is triggered.
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list