Bug#774711: openssh 7.6 changes
Hi,
Just a quick update on #774711. As pre-announced in earlier releases,
OpenSSH 7.6 did drop support for some old unsafe crypto options:
* dropped SSHv1 protocol support
* removed hmac-ripemd160 MAC
* removed arcfour, blowfish and CAST ciphers
* refuses RSA keys <1024 bits in length
* does not offer CBC ciphers by default
As far as I know, the following potentially unsafe things are still
supported in 7.7:
Keys:
* NIST curves
Kex:
* NIST curves
* diffie-hellman-group14-sha1
* diffie-hellman-group-exchange-sha1 (min 2048 now at least)
MACs:
* sha1
* umac-64
Debian users wanting to drop support for the legacy crypto options
mentioned previously in this bug can use the following:
=======================================================================
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com, ssh-ed25519,\
ssh-rsa-cert-v01@openssh.com, ssh-rsa-cert-v00@openssh.com,ssh-rsa
KexAlgorithms curve25519-sha256@libssh.org,\
diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,
aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,\
umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,\
umac-128@openssh.com
=======================================================================
--
Matt Taggart
taggart@debian.org
Reply to: