From: djm Date: Wed, 28 Jan 2009 05:33:31 +0000 (+0000) Subject: - djm@cvs.openbsd.org 2009/01/23 07:58:11 X-Git-Tag: V_5_2_P1~30 X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/commitdiff_plain/700fd7e7c1f6f31963b2cdd9e775e4c4d8bfb696 - djm@cvs.openbsd.org 2009/01/23 07:58:11 [myproposal.h] prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC modes; ok markus@ --- diff --git a/ChangeLog b/ChangeLog index c5c66d91..799b2d4d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -73,6 +73,10 @@ - djm@cvs.openbsd.org 2009/01/22 10:09:16 [auth-options.c] another chunk of a2port() diff that got away. wtfdjm?? + - djm@cvs.openbsd.org 2009/01/23 07:58:11 + [myproposal.h] + prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC + modes; ok markus@ 20090107 - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X. diff --git a/myproposal.h b/myproposal.h index 87a9e582..7bca3bca 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.22 2007/06/07 19:37:34 pvalchev Exp $ */ +/* $OpenBSD: myproposal.h,v 1.23 2009/01/23 07:58:11 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -41,11 +41,12 @@ #endif #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" + #define KEX_DEFAULT_ENCRYPT \ + "aes128-ctr,aes192-ctr,aes256-ctr," \ + "arcfour256,arcfour128," \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ - "arcfour128,arcfour256,arcfour," \ - "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \ - "aes128-ctr,aes192-ctr,aes256-ctr" + "aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se" #define KEX_DEFAULT_MAC \ "hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160," \ "hmac-ripemd160@openssh.com," \