diff options
author | des <des@FreeBSD.org> | 2016-03-11 00:23:10 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2016-03-11 00:23:10 +0000 |
commit | ba453f42f3c1044974096e29cb9098cb78db20e5 (patch) | |
tree | 98f72e25491cb0731e1b80367228fc8b1ab82ea8 /crypto/openssh/FREEBSD-upgrade | |
parent | bb6f58c772c321121b8148fe7726de90f90e1dec (diff) | |
download | FreeBSD-src-ba453f42f3c1044974096e29cb9098cb78db20e5.zip FreeBSD-src-ba453f42f3c1044974096e29cb9098cb78db20e5.tar.gz |
Re-add AES-CBC ciphers to the default cipher list on the server.
PR: 207679
Diffstat (limited to 'crypto/openssh/FREEBSD-upgrade')
-rw-r--r-- | crypto/openssh/FREEBSD-upgrade | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/crypto/openssh/FREEBSD-upgrade b/crypto/openssh/FREEBSD-upgrade index 7acd51f..43e2a74 100644 --- a/crypto/openssh/FREEBSD-upgrade +++ b/crypto/openssh/FREEBSD-upgrade @@ -1,4 +1,3 @@ - FreeBSD maintainer's guide to OpenSSH-portable ============================================== @@ -166,6 +165,13 @@ ignore HPN-related configuration options to avoid breaking existing configurations. +A) AES-CBC + + The AES-CBC ciphers were removed from the server-side proposal list + in 6.7p1 due to theoretical weaknesses and the availability of + superior ciphers (including AES-CTR and AES-GCM). We have re-added + them for compatibility with third-party clients. + This port was brought to you by (in no particular order) DARPA, NAI |