Date: Mon, 27 Jul 2020 12:49:11 -0400 From: Ed Maste <emaste@freebsd.org> To: FreeBSD Current <freebsd-current@freebsd.org> Subject: Heads-up: removing outdated OpenSSH ciphers Message-ID: <CAPyFy2DxWWobyt4H%2BBsM2%2BsryGFAFc0AHFE2K5zeQkLAxjyFCQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
A base system OpenSSH update in 2016 or so removed a number of ciphers from the default lists offered by the server/client (due to known weaknesses). This prompted FreeBSD PR207679, and they were restored in r296634. It's time to retire this local change against upstream OpenSSH; the ciphers should still be available via a configuration option if anyone needs them but they should not be offered by default. Review D25833 is open for the change: https://reviews.freebsd.org/D25833
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2DxWWobyt4H%2BBsM2%2BsryGFAFc0AHFE2K5zeQkLAxjyFCQ>