cast128-ctr and blowfish-ctr are listed as fail and/or warn, but aren't part of recommendations at end #16
Comments
|
Thanks for letting me know. To speed up testing, what client & version did you encounter this with? |
|
Tera Term 4.105.
Your script also yelled about all the Camellia ciphers that TeraTerm has
turned on by default but I figured, given that I've seen Camellia _no where
else_ in relation to SSH, that it was a waste of time to submit those.
…On Wed, Jan 8, 2020 at 2:03 PM Joe Testa ***@***.***> wrote:
Thanks for letting me know.
To speed up testing, what client & version did you encounter this with?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#16?email_source=notifications&email_token=ADB5P3RPMBVEPWJEH7ZVZU3Q4YWRPA5CNFSM4KB7FUGKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEINZOKI#issuecomment-572233513>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADB5P3UQLAB7PB5NK2NXYFLQ4YWRPANCNFSM4KB7FUGA>
.
|
jtesta
added a commit
that referenced
this issue
Mar 10, 2020
… camellia192-ctr, camellia256-cbc, camellia256-ctr). Fixed certain algorithms not appearing in the recommendations list (#16).
|
Fixed in the Thanks for reporting this! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
cast128-ctr and blowfish-ctr (correctly) fail in the client (-c) report:
[snipped]
encryption algorithms (ciphers)
(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr -- [info] available since OpenSSH 3.7
(enc) blowfish-ctr -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- [fail] disabled since Dropbear SSH 0.53- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm- [warn] using weak cipher mode- [warn] using small 64-bit block size(enc) cast128-ctr -- [fail] deprecated cipher
(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm- [warn] using weak cipherBut aren't mentioned in the recommendations report:
algorithm recommendations
(rec) -arcfour -- enc algorithm to remove
A peek at the code doesn't show any obvious reason why this should happen, and I know it's minor, but the program is otherwise so thorough I felt I should let you know.
The text was updated successfully, but these errors were encountered: