diff options
| author | Damien Miller <djm@mindrot.org> | 2007-06-11 14:01:42 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2007-06-11 14:01:42 +1000 |
| commit | e45796f7b425c04b6ba2d1f72e22c0cb6b3322ef (patch) | |
| tree | 4882ccdb6184b1cf259ff916c2f716f3d1238f93 /ssh.1 | |
| parent | 835284b74c984600aa50ebac527c37238027b4da (diff) | |
| download | openssh-git-e45796f7b425c04b6ba2d1f72e22c0cb6b3322ef.tar.gz | |
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
Diffstat (limited to 'ssh.1')
| -rw-r--r-- | ssh.1 | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.267 2007/05/31 19:20:16 jmc Exp $ -.Dd $Mdocdate: May 31 2007 $ +.\" $OpenBSD: ssh.1,v 1.268 2007/06/07 19:37:34 pvalchev Exp $ +.Dd $Mdocdate: June 7 2007 $ .Dt SSH 1 .Os .Sh NAME @@ -674,7 +674,7 @@ Both protocols support similar authentication methods, but protocol 2 is preferred since it provides additional mechanisms for confidentiality (the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) -and integrity (hmac-md5, hmac-sha1, hmac-ripemd160). +and integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1 lacks a strong mechanism for ensuring the integrity of the connection. .Pp |