diff options
author | djm <djm> | 2007-06-11 04:01:42 +0000 |
---|---|---|
committer | djm <djm> | 2007-06-11 04:01:42 +0000 |
commit | f4c2ce899feb8dd33fb179ceae1d36b2c04ae789 (patch) | |
tree | 47c10b43540fecda9a871bc84b8c4f286cc1ebce /ssh.1 | |
parent | ecf14bbf8e874b7e22f59597ee8471e69261ea1d (diff) | |
download | openssh-f4c2ce899feb8dd33fb179ceae1d36b2c04ae789.tar.gz |
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
Diffstat (limited to 'ssh.1')
-rw-r--r-- | ssh.1 | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.267 2007/05/31 19:20:16 jmc Exp $ -.Dd $Mdocdate: May 31 2007 $ +.\" $OpenBSD: ssh.1,v 1.268 2007/06/07 19:37:34 pvalchev Exp $ +.Dd $Mdocdate: June 7 2007 $ .Dt SSH 1 .Os .Sh NAME @@ -674,7 +674,7 @@ Both protocols support similar authentication methods, but protocol 2 is preferred since it provides additional mechanisms for confidentiality (the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) -and integrity (hmac-md5, hmac-sha1, hmac-ripemd160). +and integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1 lacks a strong mechanism for ensuring the integrity of the connection. .Pp |