26 SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, |
26 SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, |
27 +#endif |
27 +#endif |
28 { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, |
28 { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, |
29 { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, |
29 { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, |
30 { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, |
30 { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, |
31 diff -pur old/myproposal.h new/myproposal.h |
|
32 --- old/myproposal.h |
|
33 +++ new/myproposal.h |
|
34 @@ -119,9 +119,16 @@ |
|
35 "aes128-ctr,aes192-ctr,aes256-ctr" \ |
|
36 AESGCM_CIPHER_MODES |
|
37 |
|
38 +#ifdef WITHOUT_CAST128 |
|
39 +# define CAST128 |
|
40 +#else |
|
41 +# define CAST128 "cast128-cbc" |
|
42 +#endif |
|
43 + |
|
44 #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT "," \ |
|
45 "arcfour256,arcfour128," \ |
|
46 - "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ |
|
47 + "aes128-cbc,3des-cbc,blowfish-cbc," \ |
|
48 + CAST128 \ |
|
49 "aes192-cbc,aes256-cbc,arcfour,[email protected]" |
|
50 |
|
51 #define KEX_SERVER_MAC \ |
|
52 diff -pur old/ssh.1 new/ssh.1 |
|
53 --- old/ssh.1 |
|
54 +++ new/ssh.1 |
|
55 @@ -788,7 +788,7 @@ options (see above). |
|
56 Both protocols support similar authentication methods, |
|
57 but protocol 2 is the default since |
|
58 it provides additional mechanisms for confidentiality |
|
59 -(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) |
|
60 +(the traffic is encrypted using AES, 3DES, Blowfish, or Arcfour) |
|
61 and integrity (hmac-md5, hmac-sha1, |
|
62 hmac-sha2-256, hmac-sha2-512, |
|
63 umac-64, umac-128, hmac-ripemd160). |
|
64 diff -pur old/ssh_config.5 new/ssh_config.5 |
31 diff -pur old/ssh_config.5 new/ssh_config.5 |
65 --- old/ssh_config.5 |
32 --- old/ssh_config.5 |
66 +++ new/ssh_config.5 |
33 +++ new/ssh_config.5 |
67 @@ -408,8 +408,6 @@ arcfour256 |
34 @@ -478,8 +478,6 @@ arcfour256 |
68 .It |
35 .It |
69 blowfish-cbc |
36 blowfish-cbc |
70 .It |
37 .It |
71 -cast128-cbc |
38 -cast128-cbc |
72 -.It |
39 -.It |
73 [email protected] |
40 [email protected] |
74 .El |
41 .El |
75 .Pp |
|
76 @@ -419,7 +417,7 @@ [email protected], |
|
77 aes128-ctr,aes192-ctr,aes256-ctr, |
|
78 [email protected],[email protected], |
|
79 arcfour256,arcfour128, |
|
80 -aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, |
|
81 +aes128-cbc,3des-cbc,blowfish-cbc, |
|
82 aes192-cbc,aes256-cbc,arcfour |
|
83 .Ed |
|
84 .Pp |
42 .Pp |
85 diff -pur old/sshd.8 new/sshd.8 |
43 diff -pur old/sshd.8 new/sshd.8 |
86 --- old/sshd.8 |
44 --- old/sshd.8 |
87 +++ new/sshd.8 |
45 +++ new/sshd.8 |
88 @@ -307,7 +307,7 @@ For protocol 2, |
46 @@ -307,7 +307,7 @@ For protocol 2, |