On Thu, Apr 05, 2018 at 01:51:51PM +0200, Renaud Allard wrote: > Hello, > > The man page for openssh 7.7 for Ciphers specifications mentions: > > The default is: > chacha20-poly1...@openssh.com, > aes128-ctr,aes192-ctr,aes256-ctr, > aes128-...@openssh.com,aes256-...@openssh.com, > aes128-cbc,aes192-cbc,aes256-cbc > > > However, ssh doesn't use the last line in that list: > $ ssh -G 127.0.0.1 |grep ciphers > ciphers > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com > > The changelog doesn't mention any change in the ciphers either. > > > > Regards >
The man ssh_config page is wrong (sshd_config is right). -Otto Index: ssh_config.5 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v retrieving revision 1.268 diff -u -p -r1.268 ssh_config.5 --- ssh_config.5 23 Feb 2018 07:38:09 -0000 1.268 +++ ssh_config.5 5 Apr 2018 12:08:36 -0000 @@ -425,8 +425,7 @@ The default is: .Bd -literal -offset indent chacha20-poly1...@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, -aes128-...@openssh.com,aes256-...@openssh.com, -aes128-cbc,aes192-cbc,aes256-cbc +aes128-...@openssh.com,aes256-...@openssh.com .Ed .Pp The list of available ciphers may also be obtained using