| Summary: | net-misc/openssh-5.9_p1-r4 - sshd_config(5) lists macs name hmac-sha2-256-96 incorrectly as hmac-sha256-96 | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | cilly <cilly> |
| Component: | [OLD] Core system | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
i think this is fixed in openssh-6.6 |
In man sshd_config the following macs are listed: MACs Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. The default is: hmac-md5,hmac-sha1,umac-64@openssh.com, hmac-ripemd160,hmac-sha1-96,hmac-md5-96, hmac-sha2-256,hmac-sha256-96,hmac-sha2-512, hmac-sha2-512-96 If you try to specify hmac-sha256-96 in sshd.config, the server denies to restart, invalid macs. hmac-sha256-96 must be named as hmac-sha2-256-96 In man ssh_config the macs are listed correct: MACs Specifies the MAC (message authentication code) algorithms in order of preference. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. The default is: hmac-md5,hmac-sha1,umac-64@openssh.com, hmac-ripemd160,hmac-sha1-96,hmac-md5-96, hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512, hmac-sha2-512-96 I do not know, if this is only wrong in manpage or in other places, too. If you try to set hmac-sha2-256-96, vim lists the value as not recognized. If it is hmac-sha256-96, vim recognizes it. But sshd will only work with hmac-sha2-256-96.