diff options
author | Damien Miller <djm@mindrot.org> | 2007-06-11 14:01:42 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2007-06-11 14:01:42 +1000 |
commit | e45796f7b425c04b6ba2d1f72e22c0cb6b3322ef (patch) | |
tree | 4882ccdb6184b1cf259ff916c2f716f3d1238f93 /sshd.8 | |
parent | 835284b74c984600aa50ebac527c37238027b4da (diff) |
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -34,8 +34,8 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.236 2007/05/31 19:20:16 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.237 2007/06/07 19:37:34 pvalchev Exp $ |
38 | .Dd $Mdocdate: May 31 2007 $ | 38 | .Dd $Mdocdate: June 7 2007 $ |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -276,7 +276,7 @@ The client selects the encryption algorithm | |||
276 | to use from those offered by the server. | 276 | to use from those offered by the server. |
277 | Additionally, session integrity is provided | 277 | Additionally, session integrity is provided |
278 | through a cryptographic message authentication code | 278 | through a cryptographic message authentication code |
279 | (hmac-sha1 or hmac-md5). | 279 | (hmac-md5, hmac-sha1, umac-64 or hmac-ripemd160). |
280 | .Pp | 280 | .Pp |
281 | Finally, the server and the client enter an authentication dialog. | 281 | Finally, the server and the client enter an authentication dialog. |
282 | The client tries to authenticate itself using | 282 | The client tries to authenticate itself using |