https://bugzilla.mindrot.org/show_bug.cgi?id=2726
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Darren Tucker <[email protected]> --- (In reply to Artur from comment #0) > SSHD ignores values larger than 1G so the one cannot set > it over 1GB. Note that as per RFC4344 that depends on the cipher. """ Let L be the block length (in bits) of an SSH encryption method's block cipher (e.g., 128 for AES). If L is at least 128, then, after rekeying, an SSH implementation SHOULD NOT encrypt more than 2**(L/4) blocks before rekeying again. [...] If L is less than 128 (which is the case for older ciphers such as 3DES, Blowfish, CAST-128, and IDEA), then, [...] rekey at least once for every gigabyte """ sshd follows this, so you'll see more frequent rekeying for ciphers like 3des. For AES ciphers it should be 4GB, so if you're using 3des you might be able to work around the problem by changing ciphers. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
