- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34

[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1] [ssh_config.5 sshd.8 sshd_config.5] Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, must specify umac-64@openssh.com). Provides about 20% end-to-end speedup compared to hmac-md5. Represents a different approach to message authentication to that of HMAC that may be beneficial if HMAC based on one of its underlying hash algorithms is found to be vulnerable to a new attack. http://www.ietf.org/rfc/rfc4418.txt in conjunction with and OK djm@
author: Damien Miller <djm@mindrot.org> 2007-06-11 14:01:42 +1000
committer: Damien Miller <djm@mindrot.org> 2007-06-11 14:01:42 +1000
commit: e45796f7b425c04b6ba2d1f72e22c0cb6b3322ef (patch)
tree: 4882ccdb6184b1cf259ff916c2f716f3d1238f93 /sshd.8
parent: 835284b74c984600aa50ebac527c37238027b4da (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/sshd.8 b/sshd.8
index ad5c865e0..023930e80 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.236 2007/05/31 19:20:16 jmc Exp $
+.\" $OpenBSD: sshd.8,v 1.237 2007/06/07 19:37:34 pvalchev Exp $
-.Dd $Mdocdate: May 31 2007 $
+.Dd $Mdocdate: June 7 2007 $
 .Dt SSHD 8
 .Os
 .Sh NAME
@@ -276,7 +276,7 @@ The client selects the encryption algorithm
 to use from those offered by the server.
 Additionally, session integrity is provided
 through a cryptographic message authentication code
-(hmac-sha1 or hmac-md5).
+(hmac-md5, hmac-sha1, umac-64 or hmac-ripemd160).
 .Pp
 Finally, the server and the client enter an authentication dialog.
 The client tries to authenticate itself using
author	Damien Miller <djm@mindrot.org>	2007-06-11 14:01:42 +1000
committer	Damien Miller <djm@mindrot.org>	2007-06-11 14:01:42 +1000
commit	e45796f7b425c04b6ba2d1f72e22c0cb6b3322ef (patch)
tree	4882ccdb6184b1cf259ff916c2f716f3d1238f93 /sshd.8
parent	835284b74c984600aa50ebac527c37238027b4da (diff)

diff --git a/sshd.8 b/sshd.8 index ad5c865e0..023930e80 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,8 +34,8 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.236 2007/05/31 19:20:16 jmc Exp $	37	.\" $OpenBSD: sshd.8,v 1.237 2007/06/07 19:37:34 pvalchev Exp $
38	.Dd $Mdocdate: May 31 2007 $	38	.Dd $Mdocdate: June 7 2007 $
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -276,7 +276,7 @@ The client selects the encryption algorithm
276	to use from those offered by the server.	276	to use from those offered by the server.
277	Additionally, session integrity is provided	277	Additionally, session integrity is provided
278	through a cryptographic message authentication code	278	through a cryptographic message authentication code
279	(hmac-sha1 or hmac-md5).	279	(hmac-md5, hmac-sha1, umac-64 or hmac-ripemd160).
280	.Pp	280	.Pp
281	Finally, the server and the client enter an authentication dialog.	281	Finally, the server and the client enter an authentication dialog.
282	The client tries to authenticate itself using	282	The client tries to authenticate itself using