- djm@cvs.openbsd.org 2011/08/02 01:22:11

[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5] Add new SHA256 and SHA512 based HMAC modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt Patch from mdb AT juniper.net; feedback and ok markus@
author: Damien Miller <djm@mindrot.org> 2011-08-06 06:17:30 +1000
committer: Damien Miller <djm@mindrot.org> 2011-08-06 06:17:30 +1000
commit: 20bd4535c01f4a47f535d6e4dc84420a6c5425a5 (patch)
tree: 286fecc890f7799e26b68c08d9f2436b448bbc55 /ssh.1
parent: adb467fb692600c569d8129dfd96371b481d2653 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/ssh.1 b/ssh.1
index 7f3a79b48..9c1ca4b16 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.319 2011/05/07 23:20:25 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.320 2011/08/02 01:22:11 djm Exp $
-.Dd $Mdocdate: May 7 2011 $
+.Dd $Mdocdate: August 2 2011 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -667,7 +667,9 @@ Both protocols support similar authentication methods,
 but protocol 2 is the default since
 it provides additional mechanisms for confidentiality
 (the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour)
-and integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160).
+and integrity (hmac-md5, hmac-sha1,
+hmac-sha2-256, hmac-sha2-512,
+umac-64, hmac-ripemd160).
 Protocol 1 lacks a strong mechanism for ensuring the
 integrity of the connection.
 .Pp
author	Damien Miller <djm@mindrot.org>	2011-08-06 06:17:30 +1000
committer	Damien Miller <djm@mindrot.org>	2011-08-06 06:17:30 +1000
commit	20bd4535c01f4a47f535d6e4dc84420a6c5425a5 (patch)
tree	286fecc890f7799e26b68c08d9f2436b448bbc55 /ssh.1
parent	adb467fb692600c569d8129dfd96371b481d2653 (diff)

diff --git a/ssh.1 b/ssh.1 index 7f3a79b48..9c1ca4b16 100644 --- a/ssh.1 +++ b/ssh.1
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: ssh.1,v 1.319 2011/05/07 23:20:25 jmc Exp $	36	.\" $OpenBSD: ssh.1,v 1.320 2011/08/02 01:22:11 djm Exp $
37	.Dd $Mdocdate: May 7 2011 $	37	.Dd $Mdocdate: August 2 2011 $
38	.Dt SSH 1	38	.Dt SSH 1
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -667,7 +667,9 @@ Both protocols support similar authentication methods,
667	but protocol 2 is the default since	667	but protocol 2 is the default since
668	it provides additional mechanisms for confidentiality	668	it provides additional mechanisms for confidentiality
669	(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour)	669	(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour)
670	and integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160).	670	and integrity (hmac-md5, hmac-sha1,
		671	hmac-sha2-256, hmac-sha2-512,
		672	umac-64, hmac-ripemd160).
671	Protocol 1 lacks a strong mechanism for ensuring the	673	Protocol 1 lacks a strong mechanism for ensuring the
672	integrity of the connection.	674	integrity of the connection.
673	.Pp	675	.Pp