[BUG] Harmonize man pages (OpenSSH 6.9)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi.

The man pages for ssh_config and sshd_config don't reflect that
chacha20-poly1305@xxxxxxxxxxx is now preferred over the AES family and
others.

This issue was reported by Kevin Korb on freenode's #openssh.

Attached patch fixes.

--mancha

From 1a8997883510ac845133e97f4e942c48d7c5b6b0 Mon Sep 17 00:00:00 2001
From: mancha security <mancha1@xxxxxxxx>
Date: Thu, 2 Jul 2015 00:01:20 +0000
Subject: [PATCH] Update man pages (ssh_config and sshd_config)

Reflect that chacha20-poly1305@xxxxxxxxxxx has been promoted to
default cipher. Thanks to Kevin Korb for report.
---
 ssh_config.5  | 2 +-
 sshd_config.5 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ssh_config.5 b/ssh_config.5
index 268a627..76a8263 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -410,9 +410,9 @@ chacha20-poly1305@xxxxxxxxxxx
 .Pp
 The default is:
 .Bd -literal -offset indent
+chacha20-poly1305@xxxxxxxxxxx,
 aes128-ctr,aes192-ctr,aes256-ctr,
 aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,
-chacha20-poly1305@xxxxxxxxxxx,
 arcfour256,arcfour128,
 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
 aes192-cbc,aes256-cbc,arcfour
diff --git a/sshd_config.5 b/sshd_config.5
index 5ab4318..a3fcec0 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -471,9 +471,9 @@ chacha20-poly1305@xxxxxxxxxxx
 .Pp
 The default is:
 .Bd -literal -offset indent
+chacha20-poly1305@xxxxxxxxxxx,
 aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,
-chacha20-poly1305@xxxxxxxxxxx
+aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
 .Ed
 .Pp
 The list of available ciphers may also be obtained using the
-- 
2.1.4

Attachment: pgpgdmR1mzW4N.pgp
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux