diff options
| author | naddy@openbsd.org <naddy@openbsd.org> | 2019-12-17 16:21:07 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2019-12-20 14:25:08 +1100 |
| commit | e905f7260d72bc0e33ef5f10a0db737ff6e77ba7 (patch) | |
| tree | 02365802851f4fe68b28fb86d003530ef8be32d4 /sshd.8 | |
| parent | f65cf1163ff01531ae02f3f9210391d0d692f699 (diff) | |
upstream: cut obsolete lists of crypto algorithms from outline of
how SSH works ok markus@ jmc@
OpenBSD-Commit-ID: 8e34973f232ab48c4d4f5d07df48d501708b9160
Diffstat (limited to 'sshd.8')
| -rw-r--r-- | sshd.8 | 11 |
1 files changed, 4 insertions, 7 deletions
| @@ -33,8 +33,8 @@ | |||
| 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 35 | .\" | 35 | .\" |
| 36 | .\" $OpenBSD: sshd.8,v 1.308 2019/11/30 07:07:59 jmc Exp $ | 36 | .\" $OpenBSD: sshd.8,v 1.309 2019/12/17 16:21:07 naddy Exp $ |
| 37 | .Dd $Mdocdate: November 30 2019 $ | 37 | .Dd $Mdocdate: December 17 2019 $ |
| 38 | .Dt SSHD 8 | 38 | .Dt SSHD 8 |
| 39 | .Os | 39 | .Os |
| 40 | .Sh NAME | 40 | .Sh NAME |
| @@ -255,14 +255,11 @@ The client compares the | |||
| 255 | host key against its own database to verify that it has not changed. | 255 | host key against its own database to verify that it has not changed. |
| 256 | Forward security is provided through a Diffie-Hellman key agreement. | 256 | Forward security is provided through a Diffie-Hellman key agreement. |
| 257 | This key agreement results in a shared session key. | 257 | This key agreement results in a shared session key. |
| 258 | The rest of the session is encrypted using a symmetric cipher, currently | 258 | The rest of the session is encrypted using a symmetric cipher. |
| 259 | 128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. | ||
| 260 | The client selects the encryption algorithm | 259 | The client selects the encryption algorithm |
| 261 | to use from those offered by the server. | 260 | to use from those offered by the server. |
| 262 | Additionally, session integrity is provided | 261 | Additionally, session integrity is provided |
| 263 | through a cryptographic message authentication code | 262 | through a cryptographic message authentication code. |
| 264 | (hmac-md5, hmac-sha1, umac-64, umac-128, | ||
| 265 | hmac-sha2-256 or hmac-sha2-512). | ||
| 266 | .Pp | 263 | .Pp |
| 267 | Finally, the server and the client enter an authentication dialog. | 264 | Finally, the server and the client enter an authentication dialog. |
| 268 | The client tries to authenticate itself using | 265 | The client tries to authenticate itself using |