Thanks. Appreciate it!! :)
> Sent: Saturday, April 28, 2018 at 11:11 AM
> From: "Darren Tucker" <dtuc...@dtucker.net>
> To: "Hess THR" <hessnovth...@mail.com>
> Cc: "OpenBSD Misc List" <misc@openbsd.org>
> Subject: Re: Disabling message CRCs in SSHD
>
> On 28 April 2018 at 03:20, Hess THR <hessnovth...@mail.com> wrote:
> > Based on the:
> >
> > http://www.vegardno.net/2017/03/fuzzing-openssh-daemon-using-afl.html
> >
> > I tried to search for these code pieces (I know he was using openbsd-compat
> > and not the original OpenSSH code) but didn't found it, didn't even find
> > similar for disabling message CRCs:
>
> Short answer: It's gone, you can ignore that part.
>
> Long answer: CRC32 was the message integrity method for SSH Protocol
> v1 and the last of the SSH1 code was removed[0] in the 7.6 release[1]
> (in part because CRC32 a weak integrity guarantee compared to a proper
> MAC).
>
> [0] https://github.com/openssh/openssh-portable/commit/3d6d09f2
> [1] https://www.openssh.com/releasenotes.html#7.6
>
> --
> Darren Tucker (dtucker at dtucker.net)
> GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>
