Cipher preference
James Cloos
cloos at jhcloos.com
Tue Dec 31 18:03:59 EST 2013
>>>>> "DM" == Damien Miller <djm at mindrot.org> writes:
DM> Lots of cryptographers also think that AES-GCM is fiendishly difficult
DM> to get right, especially wrt timing leaks. That, and its relative
DM> newness in OpenSSH are the reasons it is not the default.
Indeed, I should have added a paragraph about that.
My understanding is that the consensus is that openssl has fixed the
early bugs in its implementation and gcm therefore is safe enough to
promote.
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 1024D/ED7DAEA6
More information about the openssh-unix-dev mailing list