From 39c3c6b0cb5a2b34cadcad857bc70577f1fefba3 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 31 Dec 2017 15:33:56 +0100 Subject: T507: Add new OpenSSH ciphers --- templates/service/ssh/ciphers/node.def | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'templates') diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def index 0394b8e4..b5e5af68 100644 --- a/templates/service/ssh/ciphers/node.def +++ b/templates/service/ssh/ciphers/node.def @@ -1,21 +1,26 @@ type: txt help: Allowed ciphers val_help: txt; Cipher string -val_help: 3des-cbc; 3DES CBC +val_help: aes128-gcm@openssh.com; AES 128 GCM +val_help: aes256-gcm@openssh.com; AES 256 GCM +val_help: chacha20-poly1305@openssh.com; ChaCha20 Poly1305 +val_help: 3des-cbc; 3DES CBC (weak) val_help: aes128-cbc; AES 128 CBC val_help: aes192-cbc; AES 192 CBC val_help: aes256-cbc; AES 256 CBC val_help: aes128-ctr; AES 128 CTR val_help: aes192-ctr; AES 192 CTR val_help: aes256-ctr; AES 256 CTR -val_help: arcfour128; AC4 128 -val_help: arcfour256; AC4 256 -val_help: arcfour; AC4 +val_help: arcfour128; AC4 128 (broken) +val_help: arcfour256; AC4 256 (broken) +val_help: arcfour; AC4 (broken) val_help: blowfish-cbc; Blowfish CBC val_help: cast128-cbc; CAST 128 CBC comp_help: Multiple ciphers can be specified as a comma-separated list. -syntax:expression: pattern $VAR(@) "^((3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\ +syntax:expression: pattern $VAR(@) "^((aes128-gcm@openssh.com|\ +aes256-gcm@openssh.com|chacha20-poly1305@openssh.com|\ +3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\ aes256-ctr|arcfour128|arcfour256|arcfour|\ blowfish-cbc|cast128-cbc)(,|$))+$"; \ "$VAR(@) is not a valid cipher list" -- cgit v1.2.3