[Cerowrt-devel] Available MACs in dropbear
maciej at soltysiak.com
Fri Oct 24 14:40:55 EDT 2014
On Fri, Oct 24, 2014 at 7:52 PM, Michael Richardson <mcr at sandelman.ca> wrote:
> > The reason why it hurts me is that I have servers configured according
> > to bettercrypto.org and I can't connect from cero (rare occasions, but
> 1) MD5 != HMAC-MD5.
That I didn't know, thanks Michael. For some reason bettercrypto.org
people make sure not to use hmac-md5 by suggesting the following:
MACs hmac-sha2-512-etm at openssh.com,hmac-sha2-256-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
I believe I'd be able to connect to if SHA256 or SHA512 was enabled here:
> 2) SSHv2 is not SSL, and POODLE would be impossible against SSHv2 (or IPsec
> for that matter).
That, I'm aware of, yes.
More information about the Cerowrt-devel