From e5715f37dcfd9c21103232e699390d9736180923 Mon Sep 17 00:00:00 2001
From: Hans Nilsson
This option is kept for compatibility. It is ignored if the
Sets the preferred public key algorithm to use for user
authentication. If the preferred algorithm fails,
the other algorithm is tried. The default is
to try
This option is kept for compatibility. It is ignored if the
List of public key algorithms to try to use.
List of algorithms to use in the algorithm negotiation. The default
Here is an example of this option:
+
+{preferred_algorithms,
+ [{public_key,['ssh-rsa','ssh-dss']},
+ {cipher,[{client2server,['aes128-ctr']},
+ {server2client,['aes128-cbc','3des-cbc']}]},
+ {mac,['hmac-sha2-256','hmac-sha1']},
+ {compression,[none,zlib]}
+}
+
+ Note that we want different algorithms in the two directions for
Changing the values can make a connection less secure. Do not change unless you + know exactly what you are doing. If you do not understand the values then you + are not supposed to change them
+Sets a time-out on the transport layer @@ -341,6 +393,32 @@ user. From a security perspective this option makes the server very vulnerable.
List of algorithms to use in the algorithm negotiation. The default
Here is an example of this option:
+
+{preferred_algorithms,
+ [{public_key,['ssh-rsa','ssh-dss']},
+ {cipher,[{client2server,['aes128-ctr']},
+ {server2client,['aes128-cbc','3des-cbc']}]},
+ {mac,['hmac-sha2-256','hmac-sha1']},
+ {compression,[none,zlib]}
+}
+
+ Note that we want different algorithms in the two directions for
Changing the values can make a connection less secure. Do not change unless you + know exactly what you are doing. If you do not understand the values then you + are not supposed to change them
+Provides a function for password validation. This function is called
@@ -445,6 +523,26 @@
+ Returns a key-value list, where the keys are the different types of algorithms and the values are the
+ algorithms themselves. An example:
+20> ssh:default_algorithms().
+[{kex,['diffie-hellman-group1-sha1']},
+ {public_key,['ssh-rsa','ssh-dss']},
+ {cipher,[{client2server,['aes128-ctr','aes128-cbc','3des-cbc']},
+ {server2client,['aes128-ctr','aes128-cbc','3des-cbc']}]},
+ {mac,[{client2server,['hmac-sha2-256','hmac-sha1']},
+ {server2client,['hmac-sha2-256','hmac-sha1']}]},
+ {compression,[{client2server,[none,zlib]},
+ {server2client,[none,zlib]}]}]
+21>
+
+