diff options
Diffstat (limited to 'ssh.1')
-rw-r--r-- | ssh.1 | 16 |
1 files changed, 5 insertions, 11 deletions
@@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.366 2015/11/15 22:26:49 jcs Exp $ -.Dd $Mdocdate: November 15 2015 $ +.\" $OpenBSD: ssh.1,v 1.367 2016/02/16 05:11:04 djm Exp $ +.Dd $Mdocdate: February 16 2016 $ .Dt SSH 1 .Os .Sh NAME @@ -795,15 +795,9 @@ or the and .Fl 2 options (see above). -Both protocols support similar authentication methods, -but protocol 2 is the default since -it provides additional mechanisms for confidentiality -(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) -and integrity (hmac-md5, hmac-sha1, -hmac-sha2-256, hmac-sha2-512, -umac-64, umac-128, hmac-ripemd160). -Protocol 1 lacks a strong mechanism for ensuring the -integrity of the connection. +Protocol 2 is the default. +Protocol 1 should not be used - it suffers from a number of cryptographic +weaknesses and is only offered to support legacy devices. .Pp The methods available for authentication are: GSSAPI-based authentication, |