[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

SHH Cipher recommendations and "prohibitions" from Debian?



Hello,
I am upstream maintainer of "Back In Time" [1][2]. It is GUI backup software using rsync, where rsync is able to connect via SSH to a remote host.
Users are able to configure the Cipher used for that SSH connection.

The project is old and I wasn't the developer implementing this feature. I know nearly nothing about Ciphers and stuff like this.

I would like to give my users some hands-on about the available and used ciphers. I would like to warn if they use an out-dated one and I want to recommend some.

But to do this I need a strong, official and trustful reference. Does Debian has something like his?

I was able to find a list of recommendations from the BSI (a German institution) but without a list of out-dated Ciphers. Also the NIST has a document, but I am not able to understand it. I couldn't find a list in it.

What do you think?

Regards,
Christian Buhtz

[1] -- <https://github.com/bit-team/backintime>
[2] -- <https://tracker.debian.org/pkg/backintime>


Reply to: