On Fri, Nov 21, 2008 at 06:44:53PM +0000, Colin Watson wrote:
> On Fri, Nov 21, 2008 at 05:29:33PM +0100, Cristian Ionescu-Idbohrn wrote:
> > On Fri, 21 Nov 2008, Colin Watson wrote:
> > > Accordingly, I'm downgrading this bug; I'd rather not rush out a
> > > configuration change (which could well break interoperability with
> > > unusual servers; it wouldn't be the first time) when upstream doesn't
> > > feel it's urgent enough to do so themselves.
> >
> > Right. But what exactly are the pits one could fall into, should one
> > follow the advice?
> >
> > Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc
>
> I'm not going to spend much time on this given that upstream doesn't
> think it's serious. I tend to agree having read their analysis, too: if
> it takes you several tens of thousands of attempts to connect
> successfully, then you should probably consider whether somebody is
> mucking about with your connection rather than continuing to type in
> your password ...

The mitigation patches added in OpenSSH 5.2 are too risky with regard to
interoperability regressions IMO. However, we could apply the previous
mitigation patch in a stable point update:

http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.157;r2=1.158;f=h

Colin, what do you think?

Cheers,
Moritz

