- djm@cvs.openbsd.org 2013/11/21 00:45:44

[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
author: Damien Miller <djm@mindrot.org> 2013-11-21 14:12:23 +1100
committer: Damien Miller <djm@mindrot.org> 2013-11-21 14:12:23 +1100
commit: 0fde8acdad78a4d20cadae974376cc0165f645ee (patch)
tree: 6e6aa82b73163bcb412920050d98f82ca9f4e86e /ssh_config.5
parent: fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a (diff)
1 files changed, 14 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 8809568a6..9dbc76ca9 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.179 2013/11/02 22:39:19 markus Exp $
+.\" $OpenBSD: ssh_config.5,v 1.180 2013/11/21 00:45:44 djm Exp $
-.Dd $Mdocdate: November 2 2013 $
+.Dd $Mdocdate: November 21 2013 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -334,7 +334,8 @@ The default is
 Specifies the ciphers allowed for protocol version 2
 in order of preference.
 Multiple ciphers must be comma-separated.
-The supported ciphers are
+The supported ciphers are:
+.Pp
 .Dq 3des-cbc ,
 .Dq aes128-cbc ,
 .Dq aes192-cbc ,
@@ -348,15 +349,24 @@ The supported ciphers are
 .Dq arcfour256 ,
 .Dq arcfour ,
 .Dq blowfish-cbc ,
+.Dq cast128-cbc ,
 and
-.Dq cast128-cbc .
+.Dq chacha20-poly1305@openssh.com .
+.Pp
 The default is:
+.Pp
 .Bd -literal -offset 3n
 aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
 aes128-gcm@openssh.com,aes256-gcm@openssh.com,
+chacha20-poly1305@openssh.com,
 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
 aes256-cbc,arcfour
 .Ed
+.Pp
+The list of available ciphers may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1 .
 .It Cm ClearAllForwardings
 Specifies that all local, remote, and dynamic port forwardings
 specified in the configuration files or on the command line be
author	Damien Miller <djm@mindrot.org>	2013-11-21 14:12:23 +1100
committer	Damien Miller <djm@mindrot.org>	2013-11-21 14:12:23 +1100
commit	0fde8acdad78a4d20cadae974376cc0165f645ee (patch)
tree	6e6aa82b73163bcb412920050d98f82ca9f4e86e /ssh_config.5
parent	fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a (diff)

diff --git a/ssh_config.5 b/ssh_config.5 index 8809568a6..9dbc76ca9 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: ssh_config.5,v 1.179 2013/11/02 22:39:19 markus Exp $	36	.\" $OpenBSD: ssh_config.5,v 1.180 2013/11/21 00:45:44 djm Exp $
37	.Dd $Mdocdate: November 2 2013 $	37	.Dd $Mdocdate: November 21 2013 $
38	.Dt SSH_CONFIG 5	38	.Dt SSH_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -334,7 +334,8 @@ The default is
334	Specifies the ciphers allowed for protocol version 2	334	Specifies the ciphers allowed for protocol version 2
335	in order of preference.	335	in order of preference.
336	Multiple ciphers must be comma-separated.	336	Multiple ciphers must be comma-separated.
337	The supported ciphers are	337	The supported ciphers are:
		338	.Pp
338	.Dq 3des-cbc ,	339	.Dq 3des-cbc ,
339	.Dq aes128-cbc ,	340	.Dq aes128-cbc ,
340	.Dq aes192-cbc ,	341	.Dq aes192-cbc ,
@@ -348,15 +349,24 @@ The supported ciphers are
348	.Dq arcfour256 ,	349	.Dq arcfour256 ,
349	.Dq arcfour ,	350	.Dq arcfour ,
350	.Dq blowfish-cbc ,	351	.Dq blowfish-cbc ,
		352	.Dq cast128-cbc ,
351	and	353	and
352	.Dq cast128-cbc .	354	.Dq chacha20-poly1305@openssh.com .
		355	.Pp
353	The default is:	356	The default is:
		357	.Pp
354	.Bd -literal -offset 3n	358	.Bd -literal -offset 3n
355	aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,	359	aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
356	aes128-gcm@openssh.com,aes256-gcm@openssh.com,	360	aes128-gcm@openssh.com,aes256-gcm@openssh.com,
		361	chacha20-poly1305@openssh.com,
357	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,	362	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
358	aes256-cbc,arcfour	363	aes256-cbc,arcfour
359	.Ed	364	.Ed
		365	.Pp
		366	The list of available ciphers may also be obtained using the
		367	.Fl Q
		368	option of
		369	.Xr ssh 1 .
360	.It Cm ClearAllForwardings	370	.It Cm ClearAllForwardings
361	Specifies that all local, remote, and dynamic port forwardings	371	Specifies that all local, remote, and dynamic port forwardings
362	specified in the configuration files or on the command line be	372	specified in the configuration files or on the command line be