Hello,
I am upstream maintainer of "Back In Time" [1][2]. It is GUI backup
software using rsync, where rsync is able to connect via SSH to a
remote host.
Users are able to configure the Cipher used for that SSH connection.
The project is old and I wasn't the developer implementing this
feature. I know nearly nothing about Ciphers and stuff like this.
I would like to give my users some hands-on about the available and
used ciphers. I would like to warn if they use an out-dated one and I
want to recommend some.
But to do this I need a strong, official and trustful reference. Does
Debian has something like his?
I was able to find a list of recommendations from the BSI (a German
institution) but without a list of out-dated Ciphers.
Also the NIST has a document, but I am not able to understand it. I
couldn't find a list in it.
What do you think?
Regards,
Christian Buhtz
[1] -- <https://github.com/bit-team/backintime>
[2] -- <https://tracker.debian.org/pkg/backintime>