diff options
author | Kevin Steves <stevesk@cvs.openbsd.org> | 2001-08-22 17:45:17 +0000 |
---|---|---|
committer | Kevin Steves <stevesk@cvs.openbsd.org> | 2001-08-22 17:45:17 +0000 |
commit | 7ec0b9cd922be19aa300ba8f05570557ce9d99b2 (patch) | |
tree | c03c87f108fe5fde4d86fccb857ba8b583dfae10 /usr.bin/ssh/ssh.1 | |
parent | 29da4ba14b54118fa89b7ad4d6214b47b22220eb (diff) |
document cipher des for protocol 1; ok deraadt@
Diffstat (limited to 'usr.bin/ssh/ssh.1')
-rw-r--r-- | usr.bin/ssh/ssh.1 | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index ff08013bb4a..4fef3d5875f 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.130 2001/08/22 16:21:21 stevesk Exp $ +.\" $OpenBSD: ssh.1,v 1.131 2001/08/22 17:45:16 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -389,20 +389,24 @@ This can also be specified on a per-host basis in a configuration file. .It Fl b Ar bind_address Specify the interface to transmit from on machines with multiple interfaces or aliased addresses. -.It Fl c Ar blowfish|3des +.It Fl c Ar blowfish|3des|des Selects the cipher to use for encrypting the session. .Ar 3des is used by default. It is believed to be secure. .Ar 3des (triple-des) is an encrypt-decrypt-encrypt triple with three different keys. -It is presumably more secure than the -.Ar des -cipher which is no longer fully supported in -.Nm ssh . .Ar blowfish is a fast block cipher, it appears very secure and is much faster than .Ar 3des . +.Ar des +is only supported in the +.Nm +client for interoperability with legacy protocol 1 implementations +that do not support the +.Ar 3des +cipher. Its use is strongly discouraged due to cryptographic +weaknesses. .It Fl c Ar cipher_spec Additionally, for protocol version 2 a comma-separated list of ciphers can be specified in order of preference. @@ -714,10 +718,19 @@ The default is Specifies the cipher to use for encrypting the session in protocol version 1. Currently, -.Dq blowfish +.Dq blowfish , +.Dq 3des , and -.Dq 3des +.Dq des are supported. +.Ar des +is only supported in the +.Nm +client for interoperability with legacy protocol 1 implementations +that do not support the +.Ar 3des +cipher. Its use is strongly discouraged due to cryptographic +weaknesses. The default is .Dq 3des . .It Cm Ciphers |