[ad_1]
I have an old version of netbsd which I am using. I wanted to configure the openssh to use strong ciphers and macs, but when saw the available macs it did not have support for SHA256 and higher. macs supported are
macs[] =
"hmac-sha1", SSH_EVP, EVP_sha1, 0, -1, -1 ,
"hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 ,
"hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 ,
"hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 ,
"hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 ,
"hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 ,
#ifdef UMAC_HAS_BEEN_UNBROKEN
"umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 ,
#endif
NULL, 0, NULL, 0, -1, -1
;
But when I check for supported ciphers for key exchange, I find that SHA256 can be used
#define KEX_DH1 "diffie-hellman-group1-sha1"
#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
How is that. If there is an implementation of SHA256 in my netbsd openssh, why isn't it available as a mac cipher?
[ad_2]
لینک منبع