Bug#506115: openssh: Plaintext Recovery Attack Against SSH
On Fri, 21 Nov 2008, Colin Watson wrote:
> Accordingly, I'm downgrading this bug; I'd rather not rush out a
> configuration change (which could well break interoperability with
> unusual servers; it wouldn't be the first time) when upstream doesn't
> feel it's urgent enough to do so themselves.
Right. But what exactly are the pits one could fall into, should one
follow the advice?
Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc
How would one go about asking the ssh-server something like:
What ciphers are you capable of?
from a batch job?
The answer would enable the admin to assert if interoperability allows for
such a measure.
Cheers,
--
Cristian
Reply to: