From 4973bd1f88533ec1d3c031351cc9045ef4fd4571 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 5 Jun 2018 16:06:20 +0200 Subject: ssh: Document default algorithm order + update SSH_app links --- lib/ssh/doc/src/ssh_app.xml | 55 ++++++++++++++++++++++++++++++++------------- 1 file changed, 39 insertions(+), 16 deletions(-) (limited to 'lib') diff --git a/lib/ssh/doc/src/ssh_app.xml b/lib/ssh/doc/src/ssh_app.xml index 6d180a5272..2ebd176e12 100644 --- a/lib/ssh/doc/src/ssh_app.xml +++ b/lib/ssh/doc/src/ssh_app.xml @@ -130,39 +130,47 @@ For the list on a particular installation, use the command ssh:default_algorithms/0. The user may override the default algorithm configuration both on the server side and the client side. - See the option preferred_algorithms in the ssh:daemon/1,2,3 and + See the options + preferred_algorithms + and + modify_algorithms + in the ssh:daemon/1,2,3 and ssh:connect/3,4 functions.

-

Supported algorithms are:

+

Supported algorithms are (in the default order):

Key exchange algorithms - ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 - diffie-hellman-group-exchange-sha1 + ecdh-sha2-nistp256 diffie-hellman-group-exchange-sha256 - diffie-hellman-group14-sha1 - diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 - (diffie-hellman-group1-sha1, retired: can be enabled with the preferred_algorithms option) + diffie-hellman-group14-sha256 + diffie-hellman-group14-sha1 + diffie-hellman-group-exchange-sha1 + (diffie-hellman-group1-sha1, retired: It can be enabled with the + preferred_algorithms + or + modify_algorithms + options) Public key algorithms - ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 + ecdsa-sha2-nistp256 ssh-rsa - ssh-dss rsa-sha2-256 rsa-sha2-512 + ssh-dss @@ -178,11 +186,11 @@ Encryption algorithms (ciphers) - aes128-gcm@openssh.com aes256-gcm@openssh.com - aes128-ctr - aes192-ctr aes256-ctr + aes192-ctr + aes128-gcm@openssh.com + aes128-ctr aes128-cbc 3des-cbc (AEAD_AES_128_GCM, not enabled per default) @@ -241,7 +249,11 @@ RFC 4253, The Secure Shell (SSH) Transport Layer Protocol.

Except

- 8.1. diffie-hellman-group1-sha1. Disabled by default, can be enabled with the preferred_algorithms option. + 8.1. diffie-hellman-group1-sha1. Disabled by default, can be enabled with the + preferred_algorithms + or + modify_algorithms + options.

@@ -280,7 +292,10 @@

There is an ambiguity in the synchronized selection of cipher and mac algorithm. This is resolved by OpenSSH in the ciphers aes128-gcm@openssh.com and aes256-gcm@openssh.com which are implemented. If the explicit ciphers and macs AEAD_AES_128_GCM or AEAD_AES_256_GCM are needed, - they could be enabled with the option preferred_algorithms. + they could be enabled with the options + preferred_algorithms + or + modify_algorithms.

@@ -322,10 +337,18 @@

Deviations:

The diffie-hellman-group1-sha1 is not enabled by default, but is still supported and can be enabled - with the option preferred-algorithms + with the options + preferred_algorithms + or + modify_algorithms. + The questionable sha1-based algorithms diffie-hellman-group-exchange-sha1 and diffie-hellman-group14-sha1 are still enabled by default for compatibility with ancient clients and servers. - They can be disabled with the option preferred-algorithms + They can be disabled with the options + preferred_algorithms + or + modify_algorithms. + They will be disabled by default when the draft is turned into an RFC.

-- cgit v1.2.3