| Age | Commit message (Expand) | Author |
|---|
| 2019-12-10 | add security key types to list of keys allowed to act as CAs; | Damien Miller |
| 2019-11-12 | enable ed25519 support; ok djm | Markus Friedl |
| 2019-11-01 | remove duplicate PUBKEY_DEFAULT_PK_ALG on !WITH_OPENSSL path | Damien Miller |
| 2019-10-31 | Separate myproposal.h userauth pubkey types | Damien Miller |
| 2019-02-23 | openssh-7.9 accidentally reused the server's algorithm lists in the | Damien Miller |
| 2018-09-12 | add SSH_ALLOWED_CA_SIGALGS - the default list of signature algorithms | Damien Miller |
| 2018-07-03 | Improve strictness and control over RSA-SHA2 signature types: | Damien Miller |
| 2017-05-07 | Don't offer CBC ciphers by default in the client. ok markus@ | Damien Miller |
| 2016-09-28 | Remove support for pre-authentication compression. Doing compression | Damien Miller |
| 2016-09-22 | support plain curve25519-sha256 KEX algorithm now that it is | Damien Miller |
| 2016-09-05 | remove 3des-cbc from the client's default proposal; 64-bit block ciphers | Damien Miller |
| 2016-05-02 | add support for additional fixed DH groups from | Damien Miller |
| 2016-02-09 | turn off more old crypto in the client: hmac-md5, ripemd, truncated | Damien Miller |
| 2015-12-05 | prefer rsa-sha2-512 over -256 for hostkeys, too; noticed by naddy@ | Markus Friedl |
| 2015-12-04 | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) | Markus Friedl |
| 2015-07-10 | Turn off DSA by default; add HostKeyAlgorithms to the server and | Markus Friedl |
| 2015-07-03 | turn off 1024 bit diffie-hellman-group1-sha1 key exchange method | Damien Miller |
| 2015-07-03 | delete support for legacy v00 certificates; "sure" markus@ dtucker@ | Damien Miller |
| 2015-05-27 | Reorder client proposal to prefer diffie-hellman-group-exchange-sha1 over | Darren Tucker |
| 2015-04-21 | Add back a backslash removed in rev 1.42 so KEX_SERVER_ENCRYPT will | Jonathan Gray |
| 2015-03-24 | promote chacha20-poly1305@openssh.com to be the default cipher; | Damien Miller |
| 2014-07-11 | by popular demand, add back hamc-sha1 to server proposal for better compat | Ted Unangst |
| 2014-04-30 | UMAC can use our local fallback implementation of AES when OpenSSL isn't | Christian Weisgerber |
| 2014-04-29 | make compiling against OpenSSL optional (make OPENSSL=no); | Markus Friedl |
| 2014-03-27 | disable weak proposals in sshd, but keep them in ssh; ok djm@ | Markus Friedl |
| 2014-03-26 | The current sharing of myproposal[] between both client and server code | Theo de Raadt |
| 2014-03-25 | trimm default proposals. | Markus Friedl |
| 2013-12-06 | support ed25519 keys (hostkeys and user identities) using the public domain | Markus Friedl |
| 2013-11-21 | Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" | Damien Miller |
| 2013-11-02 | use curve25519 for default key exchange (curve25519-sha256@libssh.org); | Markus Friedl |
| 2013-01-08 | support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) | Markus Friedl |
| 2012-12-11 | add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms | Markus Friedl |
| 2012-10-04 | add umac128 variant; ok djm@ at n2k12 | Markus Friedl |
| 2012-06-28 | Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed | Darren Tucker |
| 2011-08-02 | Add new SHA256 and SHA512 based HMAC modes from | Damien Miller |
| 2010-09-01 | prefer ECDH in a 256 bit curve field; prompted by naddy@ | Damien Miller |
| 2010-08-31 | Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and | Damien Miller |
| 2010-04-16 | revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the | Damien Miller |
| 2010-02-26 | Add support for certificate key types for users and hosts. | Damien Miller |
| 2009-01-23 | prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC | Damien Miller |
| 2007-06-07 | Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, must | Peter Valchev |
| 2006-03-25 | standardise spacing in $OpenBSD$ tags; requested by deraadt@ | Damien Miller |
| 2006-03-19 | spacing | Theo de Raadt |
| 2006-03-07 | Implement the diffie-hellman-group-exchange-sha256 key exchange method | Damien Miller |
| 2005-07-25 | add a new compression method that delays compression until the user | Markus Friedl |
| 2005-05-23 | add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes; | Damien Miller |
| 2004-06-13 | implement diffie-hellman-group14-sha1 kex method (trivial extension to | Damien Miller |
| 2003-05-17 | experimental support for aes-ctr modes from | Markus Friedl |
| 2002-04-03 | re-add rijndael-cbc@lysator.liu.se for MacSSH; ash@lab.poc.net | Markus Friedl |
| 2002-01-21 | remove "rijndael-*", just use "aes-" since this how rijndael is called | Markus Friedl |
