Bug#774711: openssh: OpenSSH should have stronger ciphers selected at least on the server side.

To: 774711@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Bug#774711: openssh: OpenSSH should have stronger ciphers selected at least on the server side.
From: Christoph Anton Mitterer <calestyo@scientia.net>
Date: Wed, 07 Jan 2015 21:58:28 +0100
Message-id: <[🔎] 1420664308.4847.95.camel@scientia.net>
Reply-to: Christoph Anton Mitterer <calestyo@scientia.net>, 774711@bugs.debian.org

retitle 774711 OpenSSH should use stronger crypto algo and parameters respectively disable others
stop

Hi.

First, I've modified the title, since I think it's useless to only
harden servers while clients would be left at "less secure" defaults.
Also, the title "should have stronger ciphers selected" was kinda
misleading, since stronger ciphers were actually selected - the problem
was rather that "weaker" ones are still allowed as well.


Then, FYI, I posted information about these two bugs on the
openssh-unix-dev mailing list.


Cheers,
Chris.


[0] https://lists.mindrot.org/pipermail/openssh-unix-dev/2015-January/033297.html

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to:

Follow-Ups:
- Processed: Re: openssh: OpenSSH should have stronger ciphers selected at least on the server side.
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#774793: openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default
Next by Date: Processed: Re: openssh: OpenSSH should have stronger ciphers selected at least on the server side.
Previous by thread: Bug#774711: openssh: OpenSSH should have stronger ciphers selected at least on the server side.
Next by thread: Processed: Re: openssh: OpenSSH should have stronger ciphers selected at least on the server side.
Index(es):
- Date
- Thread