From e7901efa9b24e5b0c7e74f2c5520d47eead4d005 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 16 Feb 2016 05:11:04 +0000 Subject: upstream commit Replace list of ciphers and MACs adjacent to -1/-2 flag descriptions in ssh(1) with a strong recommendation not to use protocol 1. Add a similar warning to the Protocol option descriptions in ssh_config(5) and sshd_config(5); prompted by and ok mmcc@ Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e --- ssh.1 | 16 +++++----------- ssh_config.5 | 7 +++++-- sshd_config.5 | 8 ++++++-- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/ssh.1 b/ssh.1 index 5b35b6cc..42f71afa 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.366 2015/11/15 22:26:49 jcs Exp $ -.Dd $Mdocdate: November 15 2015 $ +.\" $OpenBSD: ssh.1,v 1.367 2016/02/16 05:11:04 djm Exp $ +.Dd $Mdocdate: February 16 2016 $ .Dt SSH 1 .Os .Sh NAME @@ -795,15 +795,9 @@ or the and .Fl 2 options (see above). -Both protocols support similar authentication methods, -but protocol 2 is the default since -it provides additional mechanisms for confidentiality -(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) -and integrity (hmac-md5, hmac-sha1, -hmac-sha2-256, hmac-sha2-512, -umac-64, umac-128, hmac-ripemd160). -Protocol 1 lacks a strong mechanism for ensuring the -integrity of the connection. +Protocol 2 is the default. +Protocol 1 should not be used - it suffers from a number of cryptographic +weaknesses and is only offered to support legacy devices. .Pp The methods available for authentication are: GSSAPI-based authentication, diff --git a/ssh_config.5 b/ssh_config.5 index 5b09547d..c8ccfecb 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.224 2016/02/11 02:56:32 djm Exp $ -.Dd $Mdocdate: February 11 2016 $ +.\" $OpenBSD: ssh_config.5,v 1.225 2016/02/16 05:11:04 djm Exp $ +.Dd $Mdocdate: February 16 2016 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1270,6 +1270,9 @@ will try version 2 and fall back to version 1 if version 2 is not available. The default is .Sq 2 . +Protocol 1 suffers from a number of cryptographic weaknesses and should +not be used. +It is only offered to support legacy devices. .It Cm ProxyCommand Specifies the command to use to connect to the server. The command diff --git a/sshd_config.5 b/sshd_config.5 index fa5cff2f..711a0252 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.217 2016/02/11 02:56:32 djm Exp $ -.Dd $Mdocdate: February 11 2016 $ +.\" $OpenBSD: sshd_config.5,v 1.218 2016/02/16 05:11:04 djm Exp $ +.Dd $Mdocdate: February 16 2016 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1342,6 +1342,10 @@ and Multiple versions must be comma-separated. The default is .Sq 2 . +Protocol 1 suffers from a number of cryptographic weaknesses and should +not be used. +It is only offered to support legacy devices. +.Pp Note that the order of the protocol list does not indicate preference, because the client selects among multiple protocol versions offered by the server. -- cgit v1.2.3