From e905f7260d72bc0e33ef5f10a0db737ff6e77ba7 Mon Sep 17 00:00:00 2001 From: "naddy@openbsd.org" Date: Tue, 17 Dec 2019 16:21:07 +0000 Subject: upstream: cut obsolete lists of crypto algorithms from outline of how SSH works ok markus@ jmc@ OpenBSD-Commit-ID: 8e34973f232ab48c4d4f5d07df48d501708b9160 --- sshd.8 | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'sshd.8') diff --git a/sshd.8 b/sshd.8 index 681f65714..c052b8005 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.308 2019/11/30 07:07:59 jmc Exp $ -.Dd $Mdocdate: November 30 2019 $ +.\" $OpenBSD: sshd.8,v 1.309 2019/12/17 16:21:07 naddy Exp $ +.Dd $Mdocdate: December 17 2019 $ .Dt SSHD 8 .Os .Sh NAME @@ -255,14 +255,11 @@ The client compares the host key against its own database to verify that it has not changed. Forward security is provided through a Diffie-Hellman key agreement. This key agreement results in a shared session key. -The rest of the session is encrypted using a symmetric cipher, currently -128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. +The rest of the session is encrypted using a symmetric cipher. The client selects the encryption algorithm to use from those offered by the server. Additionally, session integrity is provided -through a cryptographic message authentication code -(hmac-md5, hmac-sha1, umac-64, umac-128, -hmac-sha2-256 or hmac-sha2-512). +through a cryptographic message authentication code. .Pp Finally, the server and the client enter an authentication dialog. The client tries to authenticate itself using -- cgit v1.2.3