Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, must

specify umac-64@openssh.com). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on one
of its underlying hash algorithms is found to be vulnerable to a new attack.
http://www.ietf.org/rfc/rfc4418.txt

in conjunction with and OK djm@

1 files changed, 3 insertions, 3 deletions

diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5
index d3f005b06bf..e801f824d7a 100644
--- a/usr.bin/ssh/sshd_config.5
+++ b/usr.bin/ssh/sshd_config.5
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.75 2007/05/31 19:20:17 jmc Exp $
-.Dd $Mdocdate: May 31 2007 $
+.\" $OpenBSD: sshd_config.5,v 1.76 2007/06/07 19:37:34 pvalchev Exp $
+.Dd $Mdocdate: June 7 2007 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -489,7 +489,7 @@ The MAC algorithm is used in protocol version 2
 for data integrity protection.
 Multiple algorithms must be comma-separated.
 The default is:
-.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
+.Dq hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
 .It Cm Match
 Introduces a conditional block.
 If all of the criteria on the