From e45796f7b425c04b6ba2d1f72e22c0cb6b3322ef Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 11 Jun 2007 14:01:42 +1000 Subject: - pvalchev@cvs.openbsd.org 2007/06/07 19:37:34 [kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1] [ssh_config.5 sshd.8 sshd_config.5] Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, must specify umac-64@openssh.com). Provides about 20% end-to-end speedup compared to hmac-md5. Represents a different approach to message authentication to that of HMAC that may be beneficial if HMAC based on one of its underlying hash algorithms is found to be vulnerable to a new attack. http://www.ietf.org/rfc/rfc4418.txt in conjunction with and OK djm@ --- sshd.8 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'sshd.8') diff --git a/sshd.8 b/sshd.8 index ad5c865e0..023930e80 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.236 2007/05/31 19:20:16 jmc Exp $ -.Dd $Mdocdate: May 31 2007 $ +.\" $OpenBSD: sshd.8,v 1.237 2007/06/07 19:37:34 pvalchev Exp $ +.Dd $Mdocdate: June 7 2007 $ .Dt SSHD 8 .Os .Sh NAME @@ -276,7 +276,7 @@ The client selects the encryption algorithm to use from those offered by the server. Additionally, session integrity is provided through a cryptographic message authentication code -(hmac-sha1 or hmac-md5). +(hmac-md5, hmac-sha1, umac-64 or hmac-ripemd160). .Pp Finally, the server and the client enter an authentication dialog. The client tries to authenticate itself using -- cgit v1.2.3