[Cerowrt-devel] Available MACs in dropbear

Michael Richardson mcr at sandelman.ca
Fri Oct 24 13:52:52 EDT 2014

Maciej Soltysiak <maciej at soltysiak.com> wrote:
    > For some reason dropbear doesn't have modern MACs for SSH. On cero
    > 3.10.36 I've got Dropbear SSH client v2013.59:

Just to make sure you are clear: hmac-md5 is not subject to any of the
preimage attacks that md5 is subject to.  It's not the same thing.

    > The reason why it hurts me is that I have servers configured according
    > to bettercrypto.org and I can't connect from cero (rare occasions, but

1) MD5 != HMAC-MD5.
2) SSHv2 is not SSL, and POODLE would be impossible against SSHv2 (or IPsec
   for that matter).

]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

More information about the Cerowrt-devel mailing list