
Bug#774711: openssh 7.6 changes



Hi,

Just a quick update on #774711. As pre-announced in earlier releases,
OpenSSH 7.6 did drop support for some old unsafe crypto options:

* dropped SSHv1 protocol support
* removed hmac-ripemd160 MAC
* removed arcfour, blowfish and CAST ciphers
* refuses RSA keys <1024 bits in length
* does not offer CBC ciphers by default

As far as I know, the following potentially unsafe things are still
supported in 7.7:

Keys:
* NIST curves

Kex:
* NIST curves
* diffie-hellman-group14-sha1
* diffie-hellman-group-exchange-sha1 (min 2048 now at least)

MACs:
* sha1
* umac-64

Debian users wanting to drop support for the legacy crypto options
mentioned previously in this bug can use the following:

=======================================================================
# ssh_config/sshd_config have no backslash line continuation and the
# algorithm lists must not contain spaces, so each option is on one line.
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa

KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256

Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
=======================================================================


-- 
Matt Taggart
taggart@debian.org
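
An added example, not part of the original message: a shell function that reads `sshd -T`-style output and flags every algorithm the message lists as removed in 7.6 or as still supported but potentially unsafe. The function names, reason labels, matching patterns and sample input are assumptions of this example.

```sh
#!/bin/sh
# Added example. Flags algorithms that the message lists as removed in 7.6 or
# as still supported but potentially unsafe. Patterns are this example's
# reading of the message's shorthand ("NIST curves", "sha1", "umac-64").

audit_ssh_algos() {
    # stdin:  "option alg1,alg2,..." lines, the format `sshd -T` prints
    # stdout: "option algorithm reason" for every flagged algorithm
    awk '
    function reason(opt, a) {
        if (opt == "ciphers") {
            if (a ~ /^(arcfour|blowfish|cast128)/) return "removed-in-7.6"
            if (a ~ /-cbc/) return "cbc-not-offered-by-default"
        } else if (opt == "macs") {
            if (a ~ /ripemd160/) return "removed-in-7.6"
            if (a ~ /^hmac-sha1/) return "sha1-mac"
            if (a ~ /^umac-64/) return "umac-64"
        } else if (opt == "kexalgorithms") {
            if (a ~ /nistp/) return "nist-curve"
            if (a ~ /^diffie-hellman-(group14|group-exchange)-sha1$/) return "sha1-kex"
        } else if (opt == "hostkeyalgorithms") {
            if (a ~ /nistp/) return "nist-curve"
        }
        return ""
    }
    {
        opt = tolower($1)
        n = split($2, algos, ",")
        for (i = 1; i <= n; i++) {
            r = reason(opt, algos[i])
            if (r != "") print opt, algos[i], r
        }
    }'
}

# Constructed sample input (not taken from a real host).
sample_sshd_T() {
    cat <<'EOF'
ciphers chacha20-poly1305@openssh.com,aes256-ctr,aes128-cbc
macs hmac-sha2-512-etm@openssh.com,hmac-sha1,umac-64@openssh.com
kexalgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1
hostkeyalgorithms ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa
EOF
}

sample_sshd_T | audit_ssh_algos
```

On a live host, pipe the output of `sshd -T` into `audit_ssh_algos` instead of the sample; an empty result means none of the listed algorithms are enabled.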

