On 2014/07/11 05:32, Ted Unangst wrote:
> I think the proposal rampaging went one algorithm too far. sha1 is the
> best algorithm supported by many clients and it's still pretty secure.
> without it, a lot of clients have stopped working. temporarily alleviate
> the pain?
Re-adding SHA1 will fix things for a lot of clients. There are still some clients which only support CBC modes, but those are usually much older, I don't think we need to worry about them so much. > > Index: myproposal.h > =================================================================== > RCS file: /cvs/src/usr.bin/ssh/myproposal.h,v > retrieving revision 1.40 > diff -u -p -r1.40 myproposal.h > --- myproposal.h 30 Apr 2014 19:07:48 -0000 1.40 > +++ myproposal.h 11 Jul 2014 09:31:21 -0000 > @@ -69,19 +69,19 @@ > "umac-128-...@openssh.com," \ > "hmac-sha2-256-...@openssh.com," \ > "hmac-sha2-512-...@openssh.com," \ > + "hmac-sha1-...@openssh.com," \ > "umac...@openssh.com," \ > "umac-...@openssh.com," \ > "hmac-sha2-256," \ > - "hmac-sha2-512" \ > + "hmac-sha2-512," \ > + "hmac-sha1" > > #define KEX_CLIENT_MAC KEX_SERVER_MAC "," \ > "hmac-md5-...@openssh.com," \ > - "hmac-sha1-...@openssh.com," \ > "hmac-ripemd160-...@openssh.com," \ > "hmac-sha1-96-...@openssh.com," \ > "hmac-md5-96-...@openssh.com," \ > "hmac-md5," \ > - "hmac-sha1," \ > "hmac-ripemd160," \ > "hmac-ripemd...@openssh.com," \ > "hmac-sha1-96," \ > @@ -102,16 +102,16 @@ > "umac-128-...@openssh.com," \ > "hmac-sha2-256-...@openssh.com," \ > "hmac-sha2-512-...@openssh.com," \ > + "hmac-sha1-...@openssh.com," \ > "umac...@openssh.com," \ > "umac-...@openssh.com," \ > "hmac-sha2-256," \ > - "hmac-sha2-512" > + "hmac-sha2-512," \ > + "hmac-sha1" > > #define KEX_CLIENT_KEX KEX_SERVER_KEX > #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT > -#define KEX_CLIENT_MAC KEX_SERVER_MAC "," \ > - "hmac-sha1-...@openssh.com," \ > - "hmac-sha1" > +#define KEX_CLIENT_MAC KEX_SERVER_MAC > > #endif /* WITH_OPENSSL */ > >
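Review bot: in the first hunk, "hmac-sha1-...@openssh.com" is inserted above the plain "hmac-sha2-256" and "hmac-sha2-512" entries of KEX_SERVER_MAC, so a SHA-1 MAC now ranks ahead of two SHA-2 MACs in the proposal order. Because KEX_CLIENT_MAC begins with KEX_SERVER_MAC, this is also the client's preference order. If encrypt-then-MAC variants are meant to come first regardless of hash, a one-line comment above the list saying so, and saying that hmac-sha1 is retained for client compatibility, would keep a later cleanup from dropping it again.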
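Review bot: with the second hunk, the second KEX_SERVER_MAC list matches the first one entry for entry in the lines shown, and KEX_CLIENT_MAC is reduced to plain KEX_SERVER_MAC, so the same MAC list is now maintained by hand in two definitions in this file. Consider defining the shared entries once and referencing that macro from both places; otherwise the next change to the MAC defaults has to be made twice and can leave hmac-sha1 offered by one definition and not the other. The diff touches only myproposal.h, so any documented list of default MACs needs the same update.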