[
https://issues.apache.org/jira/browse/SSHD-1036?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17159764#comment-17159764
]
Lyor Goldstein commented on SSHD-1036:
--------------------------------------
{quote}
sshd.getMacFactories() this method call, I always get 6 only but as per the
above list default macs are 10.
sshd.getCipherFactories() this method call, I always get 10 only but as per the
above list default macs are 12.
{quote}
While we support many ciphers, macs, etc. (see
https://github.com/apache/mina-sshd/#implementedavailable-support) by default
we include only the ones that are considered safe/recommended by the current
security guidelines. In this context, please note that we are going to reduce
the +default+ supported ciphers, MACs, etc. further in view of the latest
guidelines (see SSHD-1004).
{quote}
Can you guide us on how to give all 12 cipher and 10mac support?
{quote}
You can easily add / remove MACs, ciphers, etc... that we support by calling
the relevant {{setMAC/Cipher/etc./Factories}}
{code:java}
SshServer sshd = SshServer.setupDefaultServer();
sshd.setCipherFactories(...);
sshd.setMacFactories(...);
sshd.setKeyExchangeFactories(...);
{code}
The supported relevant factories are enum(s) called {{BuiltinXX}} - e.g.
{{BuiltinCiphers, BuiltinMacs, BuiltinSignatures}}, and you can simply use
them. I understand that you might want to have your server support as many
standards as possible, but I do not recommend it as it involves using +weak
security+. We try to set up the default according to the community
recommendations, but you may decide to take the chance - up to you.
> Full support mac and Cipher list
> ---------------------------------
>
> Key: SSHD-1036
> URL: https://issues.apache.org/jira/browse/SSHD-1036
> Project: MINA SSHD
> Issue Type: Question
> Reporter: Sandeep
> Priority: Major
>
>
> This is the default mac and cipher list I have taken it from
> ConfigFileReaderSupport
> 1. DEFAULT_MACS=
> hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,hmac-sha1-96,hmac-md5-96,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96
> 2.DEFAULT_CIPHERS=aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour
>
> But the problem is as follows,
> 1. sshd.getMacFactories() this method call, I always get 6 only but as per
> the above list default macs are 10.
> 2. sshd.getCipherFactories() this method call, I always get 10 only but as
> per the above list default macs are 12.
>
> Can you guide us on how to give all 12 cipher and 10mac support?
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
