diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-09-12 16:52:28 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-09-12 16:52:28 +0000 |
| commit | ffa1dd681712f92c71444cea28975265b826e8e8 (patch) | |
| tree | 97a6275941f2e15ba8d05944a45fcace988bb484 | |
| parent | 044274bcb0ed2b0153d520ce500ebd886e0105f1 (diff) | |
- stevesk@cvs.openbsd.org 2001/08/22 17:45:16
[ssh.1]
document cipher des for protocol 1; ok deraadt@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ssh.1 | 29 |
2 files changed, 25 insertions, 9 deletions
@@ -19,6 +19,9 @@ - stevesk@cvs.openbsd.org 2001/08/22 16:30:02 [sshd.8] no rexd; ok markus@ + - stevesk@cvs.openbsd.org 2001/08/22 17:45:16 + [ssh.1] + document cipher des for protocol 1; ok deraadt@ 20010815 - (bal) Fixed stray code in readconf.c that went in by mistake. @@ -6342,4 +6345,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1490 2001/09/12 16:46:08 mouring Exp $ +$Id: ChangeLog,v 1.1491 2001/09/12 16:52:28 mouring Exp $ @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.130 2001/08/22 16:21:21 stevesk Exp $ +.\" $OpenBSD: ssh.1,v 1.131 2001/08/22 17:45:16 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -389,20 +389,24 @@ This can also be specified on a per-host basis in a configuration file. .It Fl b Ar bind_address Specify the interface to transmit from on machines with multiple interfaces or aliased addresses. -.It Fl c Ar blowfish|3des +.It Fl c Ar blowfish|3des|des Selects the cipher to use for encrypting the session. .Ar 3des is used by default. It is believed to be secure. .Ar 3des (triple-des) is an encrypt-decrypt-encrypt triple with three different keys. -It is presumably more secure than the -.Ar des -cipher which is no longer fully supported in -.Nm ssh . .Ar blowfish is a fast block cipher, it appears very secure and is much faster than .Ar 3des . +.Ar des +is only supported in the +.Nm +client for interoperability with legacy protocol 1 implementations +that do not support the +.Ar 3des +cipher. Its use is strongly discouraged due to cryptographic +weaknesses. .It Fl c Ar cipher_spec Additionally, for protocol version 2 a comma-separated list of ciphers can be specified in order of preference. @@ -714,10 +718,19 @@ The default is Specifies the cipher to use for encrypting the session in protocol version 1. Currently, -.Dq blowfish +.Dq blowfish , +.Dq 3des , and -.Dq 3des +.Dq des are supported. +.Ar des +is only supported in the +.Nm +client for interoperability with legacy protocol 1 implementations +that do not support the +.Ar 3des +cipher. Its use is strongly discouraged due to cryptographic +weaknesses. The default is .Dq 3des . .It Cm Ciphers |