Hi, Just a quick update on #774711. As pre-announced in earlier releases, OpenSSH 7.6 did drop support for some old unsafe crypto options:
* dropped SSHv1 protocol support * removed hmac-ripemd160 MAC * removed arcfour, blowfish and CAST ciphers * refuses RSA keys <1024 bits in length * does not offer CBC ciphers by default As far as I know, the following potentially unsafe things are still supported in 7.7: Keys: * NIST curves Kex: * NIST curves * diffie-hellman-group14-sha1 * diffie-hellman-group-exchange-sha1 (min 2048 now at least) MACs: * sha1 * umac-64 Debian users wanting to drop support for the legacy crypto options mentioned previously in this bug can use the following: ======================================================================= HostKeyAlgorithms ssh-ed25519-cert-...@openssh.com, ssh-ed25519,\ ssh-rsa-cert-...@openssh.com, ssh-rsa-cert-...@openssh.com,ssh-rsa KexAlgorithms curve25519-sha...@libssh.org,\ diffie-hellman-group-exchange-sha256 Ciphers chacha20-poly1...@openssh.com,aes256-...@openssh.com, aes128-...@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr MACs hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,\ umac-128-...@openssh.com,hmac-sha2-512,hmac-sha2-256,\ umac-...@openssh.com ======================================================================= -- Matt Taggart tagg...@debian.org