- stevesk@cvs.openbsd.org 2001/08/22 17:45:16

[ssh.1] document cipher des for protocol 1; ok deraadt@
author: Ben Lindstrom <mouring@eviladmin.org> 2001-09-12 16:52:28 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-09-12 16:52:28 +0000
commit: ffa1dd681712f92c71444cea28975265b826e8e8 (patch)
tree: 97a6275941f2e15ba8d05944a45fcace988bb484
parent: 044274bcb0ed2b0153d520ce500ebd886e0105f1 (diff)
2 files changed, 25 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index 61f07163d..900b40fbd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -19,6 +19,9 @@
   - stevesk@cvs.openbsd.org 2001/08/22 16:30:02
     [sshd.8]
     no rexd; ok markus@
+   - stevesk@cvs.openbsd.org 2001/08/22 17:45:16
+     [ssh.1]
+     document cipher des for protocol 1; ok deraadt@
 20010815
 - (bal) Fixed stray code in readconf.c that went in by mistake.
@@ -6342,4 +6345,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.1490 2001/09/12 16:46:08 mouring Exp $
+$Id: ChangeLog,v 1.1491 2001/09/12 16:52:28 mouring Exp $
diff --git a/ssh.1 b/ssh.1
index ff08013bb..4fef3d587 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.130 2001/08/22 16:21:21 stevesk Exp $
+.\" $OpenBSD: ssh.1,v 1.131 2001/08/22 17:45:16 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -389,20 +389,24 @@ This can also be specified on a per-host basis in a configuration file.
 .It Fl b Ar bind_address
 Specify the interface to transmit from on machines with multiple
 interfaces or aliased addresses.
-.It Fl c Ar blowfish|3des
+.It Fl c Ar blowfish|3des|des
 Selects the cipher to use for encrypting the session.
 .Ar 3des
 is used by default.
 It is believed to be secure.
 .Ar 3des
 (triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
-It is presumably more secure than the
-.Ar des
-cipher which is no longer fully supported in
-.Nm ssh .
 .Ar blowfish
 is a fast block cipher, it appears very secure and is much faster than
 .Ar 3des .
+.Ar des
+is only supported in the
+.Nm
+client for interoperability with legacy protocol 1 implementations
+that do not support the
+.Ar 3des
+cipher.  Its use is strongly discouraged due to cryptographic
+weaknesses.
 .It Fl c Ar cipher_spec
 Additionally, for protocol version 2 a comma-separated list of ciphers can
 be specified in order of preference.
@@ -714,10 +718,19 @@ The default is
 Specifies the cipher to use for encrypting the session
 in protocol version 1.
 Currently,
-.Dq blowfish
+.Dq blowfish ,
+.Dq 3des ,
 and
-.Dq 3des
+.Dq des
 are supported.
+.Ar des
+is only supported in the
+.Nm
+client for interoperability with legacy protocol 1 implementations
+that do not support the
+.Ar 3des
+cipher.  Its use is strongly discouraged due to cryptographic
+weaknesses.
 The default is
 .Dq 3des .
 .It Cm Ciphers
author	Ben Lindstrom <mouring@eviladmin.org>	2001-09-12 16:52:28 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-09-12 16:52:28 +0000
commit	ffa1dd681712f92c71444cea28975265b826e8e8 (patch)
tree	97a6275941f2e15ba8d05944a45fcace988bb484
parent	044274bcb0ed2b0153d520ce500ebd886e0105f1 (diff)

diff --git a/ChangeLog b/ChangeLog index 61f07163d..900b40fbd 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -19,6 +19,9 @@
19	- stevesk@cvs.openbsd.org 2001/08/22 16:30:02	19	- stevesk@cvs.openbsd.org 2001/08/22 16:30:02
20	[sshd.8]	20	[sshd.8]
21	no rexd; ok markus@	21	no rexd; ok markus@
		22	- stevesk@cvs.openbsd.org 2001/08/22 17:45:16
		23	[ssh.1]
		24	document cipher des for protocol 1; ok deraadt@
22		25
23	20010815	26	20010815
24	- (bal) Fixed stray code in readconf.c that went in by mistake.	27	- (bal) Fixed stray code in readconf.c that went in by mistake.
@@ -6342,4 +6345,4 @@
6342	- Wrote replacements for strlcpy and mkdtemp	6345	- Wrote replacements for strlcpy and mkdtemp
6343	- Released 1.0pre1	6346	- Released 1.0pre1
6344		6347
6345	$Id: ChangeLog,v 1.1490 2001/09/12 16:46:08 mouring Exp $	6348	$Id: ChangeLog,v 1.1491 2001/09/12 16:52:28 mouring Exp $


diff --git a/ssh.1 b/ssh.1 index ff08013bb..4fef3d587 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.130 2001/08/22 16:21:21 stevesk Exp $	37	.\" $OpenBSD: ssh.1,v 1.131 2001/08/22 17:45:16 stevesk Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
@@ -389,20 +389,24 @@ This can also be specified on a per-host basis in a configuration file.
389	.It Fl b Ar bind_address	389	.It Fl b Ar bind_address
390	Specify the interface to transmit from on machines with multiple	390	Specify the interface to transmit from on machines with multiple
391	interfaces or aliased addresses.	391	interfaces or aliased addresses.
392	.It Fl c Ar blowfish\|3des	392	.It Fl c Ar blowfish\|3des\|des
393	Selects the cipher to use for encrypting the session.	393	Selects the cipher to use for encrypting the session.
394	.Ar 3des	394	.Ar 3des
395	is used by default.	395	is used by default.
396	It is believed to be secure.	396	It is believed to be secure.
397	.Ar 3des	397	.Ar 3des
398	(triple-des) is an encrypt-decrypt-encrypt triple with three different keys.	398	(triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
399	It is presumably more secure than the
400	.Ar des
401	cipher which is no longer fully supported in
402	.Nm ssh .
403	.Ar blowfish	399	.Ar blowfish
404	is a fast block cipher, it appears very secure and is much faster than	400	is a fast block cipher, it appears very secure and is much faster than
405	.Ar 3des .	401	.Ar 3des .
		402	.Ar des
		403	is only supported in the
		404	.Nm
		405	client for interoperability with legacy protocol 1 implementations
		406	that do not support the
		407	.Ar 3des
		408	cipher. Its use is strongly discouraged due to cryptographic
		409	weaknesses.
406	.It Fl c Ar cipher_spec	410	.It Fl c Ar cipher_spec
407	Additionally, for protocol version 2 a comma-separated list of ciphers can	411	Additionally, for protocol version 2 a comma-separated list of ciphers can
408	be specified in order of preference.	412	be specified in order of preference.
@@ -714,10 +718,19 @@ The default is
714	Specifies the cipher to use for encrypting the session	718	Specifies the cipher to use for encrypting the session
715	in protocol version 1.	719	in protocol version 1.
716	Currently,	720	Currently,
717	.Dq blowfish	721	.Dq blowfish ,
		722	.Dq 3des ,
718	and	723	and
719	.Dq 3des	724	.Dq des
720	are supported.	725	are supported.
		726	.Ar des
		727	is only supported in the
		728	.Nm
		729	client for interoperability with legacy protocol 1 implementations
		730	that do not support the
		731	.Ar 3des
		732	cipher. Its use is strongly discouraged due to cryptographic
		733	weaknesses.
721	The default is	734	The default is
722	.Dq 3des .	735	.Dq 3des .
723	.It Cm Ciphers	736	.It Cm Ciphers