From 78edb05a35826ce37d8607e89c0df5ffca28830d Mon Sep 17 00:00:00 2001 From: dtucker Date: Sat, 24 Oct 2009 00:50:17 +0000 Subject: [PATCH] - dtucker@cvs.openbsd.org 2009/10/24 00:48:34 [ssh-keygen.1] ssh-keygen now uses AES-128 for private keys --- ChangeLog | 3 +++ ssh-keygen.1 | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 53dcc62f..449aeed3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,6 +24,9 @@ [sshconnect2.c] disallow a hostile server from checking jpake auth by sending an out-of-sequence success message. (doesn't affect code enabled by default) + - dtucker@cvs.openbsd.org 2009/10/24 00:48:34 + [ssh-keygen.1] + ssh-keygen now uses AES-128 for private keys 20091011 - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 1cc3e974..190124e1 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.79 2008/07/24 23:55:30 sthen Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.80 2009/10/24 00:48:34 dtucker Exp $ .\" .\" -*- nroff -*- .\" @@ -393,7 +393,7 @@ Contains the protocol version 1 RSA authentication identity of the user. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file using 3DES. +used to encrypt the private part of this file using 128-bit AES. This file is not automatically accessed by .Nm but it is offered as the default file for the private key. @@ -411,7 +411,7 @@ Contains the protocol version 2 DSA authentication identity of the user. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file using 3DES. +used to encrypt the private part of this file using 128-bit AES. This file is not automatically accessed by .Nm but it is offered as the default file for the private key. @@ -429,7 +429,7 @@ Contains the protocol version 2 RSA authentication identity of the user. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file using 3DES. +used to encrypt the private part of this file using 128-bit AES. This file is not automatically accessed by .Nm but it is offered as the default file for the private key. -- 2.45.1