Announcement

Collapse
No announcement yet.

OpenSSH 7.6 Is Ready For Testing & Finishes Gutting SSHv1

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSSH 7.6 Is Ready For Testing & Finishes Gutting SSHv1

    Phoronix: OpenSSH 7.6 Is Ready For Testing & Finishes Gutting SSHv1

    OpenSSH 7.6 will be hitting the streets soon...

    http://www.phoronix.com/scan.php?pag....6-Coming-Soon

  • #2
    nuking sshv1 and rc4 is great, im not sure about deleting cbc ciphers though

    Comment


    • #3
      Killing Blowfish seems a little extreme although maybe there have been vulnerabilities discovered that I haven't heard about. The rest of it seems pretty reasonable.

      Comment


      • #4
        Originally posted by chuckula View Post
        Killing Blowfish seems a little extreme although maybe there have been vulnerabilities discovered that I haven't heard about. The rest of it seems pretty reasonable.
        Sweet32 means it cannot be securely used for large amounts of data without frequent rekeying.

        Comment


        • #5
          Drat. Enabling arcfour support is how I get good performance between my desktop and the Pentium 133MHz on my quarantined retro-gaming subnet (ssh2dos on the DOS/Win311 side and an old WinSCP on the Win98 side) without having to run something special-purpose like an FTP daemon.

          Comment


          • #6
            Originally posted by ssokolow View Post
            Drat. Enabling arcfour support is how I get good performance between my desktop and the Pentium 133MHz on my quarantined retro-gaming subnet (ssh2dos on the DOS/Win311 side and an old WinSCP on the Win98 side) without having to run something special-purpose like an FTP daemon.
            rc4 is like the most broken algorithm ever
            altough if you dont care about safety then its ok

            Comment


            • #7
              Michael the numbers of comments are not synced with the number which appears on the right of the single comment: the intro of the post should have number 0 so to sync with the real number of the comments abut the argument in object.

              Comment


              • #8
                Originally posted by ssokolow View Post
                Drat. Enabling arcfour support is how I get good performance between my desktop and the Pentium 133MHz on my quarantined retro-gaming subnet (ssh2dos on the DOS/Win311 side and an old WinSCP on the Win98 side) without having to run something special-purpose like an FTP daemon.
                How does chacha compare?

                Comment


                • #9
                  Originally posted by Mangix View Post

                  How does chacha compare?
                  I'll have to get back to you on that. My 8+-year-old Soekris net5501 gave up the ghost a little over a week ago, so I've got my quarantined subnet disconnected from the rest of the house while I wait for my budget to refill enough to order a replacement. (I've had to switch the DSL modem out of bridged mode, and the built-in router seems to be flat-out broken in how it handles attempting new HTTP connections when the connection is saturated.)
                  Last edited by ssokolow; 26 September 2017, 02:18 AM.

                  Comment


                  • #10
                    Originally posted by davidbepo View Post
                    rc4 is like the most broken algorithm ever
                    altough if you dont care about safety then its ok
                    In many environments, it's acceptable to upgrade from RC4 to ROT13.

                    Comment

                    Working...
                    X