Hi,

Just a quick update on #774711. As pre-announced in earlier releases,
OpenSSH 7.6 did drop support for some old unsafe crypto options:

* dropped SSHv1 protocol support
* removed hmac-ripemd160 MAC
* removed arcfour, blowfish and CAST ciphers
* refuses RSA keys <1024 bits in length
* does not offer CBC ciphers by default

As far as I know, the following potentially unsafe things are still
supported in 7.7:

Keys:
* NIST curves

Kex:
* NIST curves
* diffie-hellman-group14-sha1
* diffie-hellman-group-exchange-sha1 (min 2048 now at least)

MACs:
* sha1
* umac-64

Debian users wanting to drop support for the legacy crypto options
mentioned previously in this bug can use the following:

=======================================================================
HostKeyAlgorithms ssh-ed25519-cert-...@openssh.com,ssh-ed25519,\
    ssh-rsa-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-rsa

KexAlgorithms curve25519-sha...@libssh.org,\
    diffie-hellman-group-exchange-sha256

Ciphers chacha20-poly1...@openssh.com,aes256-...@openssh.com,\
    aes128-...@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

MACs hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,\
    umac-128-...@openssh.com,hmac-sha2-512,hmac-sha2-256,\
    umac-...@openssh.com
=======================================================================


-- 
Matt Taggart
tagg...@debian.org
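
Added example, not part of the original message or of OpenSSH: a small audit that reads an effective configuration in the lowercase "keyword value" layout that `sshd -T` prints and flags algorithms in the categories listed above (NIST curves, SHA-1 kex and MACs, umac-64, CBC and the ciphers/MAC removed in 7.6). The matching patterns and the sample input are assumptions constructed for this illustration.

```python
import re

# Patterns follow the categories named in the message; they are this
# example's own matching choices, not an official OpenSSH list.
RULES = {
    "hostkeyalgorithms": [(r"nistp", "NIST curve key")],
    "kexalgorithms": [(r"nistp", "NIST curve kex"),
                      (r"-sha1$", "SHA-1 based kex")],
    "macs": [(r"sha1", "SHA-1 MAC"),
             (r"^umac-64", "64-bit UMAC tag"),
             (r"ripemd160", "MAC removed in 7.6")],
    "ciphers": [(r"-cbc(@|$)", "CBC mode"),
                (r"^(arcfour|blowfish|cast128)", "cipher removed in 7.6")],
}

def parse_effective_config(text):
    """Return {keyword: [algorithm, ...]} for the keywords in RULES."""
    cfg = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without a value
        key = parts[0].lower()
        if key in RULES:
            cfg[key] = [a.strip() for a in parts[1].split(",") if a.strip()]
    return cfg

def audit(text):
    """Return (keyword, algorithm, reason) for every legacy algorithm found."""
    findings = []
    for key, algos in parse_effective_config(text).items():
        for algo in algos:
            for pattern, reason in RULES[key]:
                if re.search(pattern, algo):
                    findings.append((key, algo, reason))
                    break  # one reason per algorithm is enough
    return findings

# Constructed sample input, not captured from a real host.
SAMPLE = """\
kexalgorithms curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256
hostkeyalgorithms ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa
ciphers aes256-ctr,aes128-ctr,aes128-cbc
macs hmac-sha2-512,hmac-sha1,umac-64@openssh.com
"""

if __name__ == "__main__":
    for key, algo, reason in audit(SAMPLE):
        print(f"{key}: {algo} ({reason})")
```

An empty result from `audit()` means none of the listed categories is still enabled for the keywords it checks.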
