Also here are some interesting upstream messages that are relevant to this
bug.
FYI: SSH1 now disabled at compile-time by default
Wed Mar 25 2015
https://lists.mindrot.org/pipermail/openssh-unix-dev/2015-March/033701.html
Obsolete MD5
Tue May 5 2015
Given the recent news about advances in causing SHA1 collisions, I think
it's even more important for openssh to start not accepting known weak
crypto (including sha1) by default.
https://sites.google.com/site/itstheshappening/
I don't see any upstream bugs about this. Should this bug be
Matt Taggart writes:
> Jens Thiele writes:
>> Afair I have seen small default primes with this one.
I can't reproduce it (maybe my memory was just wrong).
>> Did you inspect this?
> I didn't.
I just did a quick test connecting 100 times from jessie to wheezy and
wheezy to
Matt Taggart writes:
> Hi,
Hi,
thanks for your great work
> * diffie-hellman-group-exchange-sha256: has existed since squeeze at least
Afair I have seen small default primes with this one. Did you inspect this?
greetings,
jens
Jens Thiele writes:
> Hi,
>
> thanks for your great work
I should make it clear, I was only applying the advice I found in
https://stribika.github.io/2015/01/04/secure-secure-shell.html
to what versions exist in Debian, stribika and others get credit for that
work.
Also I realized I had
Hi,
Based on the charts I already sent and using the recommendations from:
https://stribika.github.io/2015/01/04/secure-secure-shell.html
and the openssh 7.0 release notes:
http://www.openssh.com/txt/release-7.0
Here are some suggestions for changing the default things that are
6 matches
Mail list logo