HomePhabricator

Disable *-cbc ciphers by default

Authored by Jakuje on Jul 15 2020, 9:09 PM.

Description

Disable *-cbc ciphers by default

OpenSSH disabled them in 2014 and 2017 for servers and clients so its our
turn to follow the suit.

Fixes T236

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

Details

Committed
asnJul 16 2020, 12:01 PM
Parents
rLIBSSH906cc7e7e950: pki: Avoid memory leak on invalid curve NID
Branches
Unknown
Tags
Unknown
Tasks
T236: Disable *-cbc ciphers by default