You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"This is based on RFC 4253, section 6.4, but with hmac-md5 variants
removed because they have reached the end of their useful life."
Unfortunately this is wishful thinking. ssh servers should not use old ciphers,
but sometimes they do, and we still need to manage them. Sometimes we
have no control over the server implementation -- in this instance it's
Mikrotik routers. Deprecated ciphers are still useful in this circumstance
even though in an ideal world this would not be the case.
I'd work on making a patch, but as this appears to be a conscious choice
I want to check here first to make sure I'm not wasting my time if it would
be rejected out of hand.
The text was updated successfully, but these errors were encountered:
mikioh
changed the title
ssh library deprecates ciphers over-eagerly
x/crypto/ssh: library deprecates ciphers over-eagerly
Aug 13, 2015
If there's a significant population of devices that need this then it could probably be added, but disabled by default. But I think that this is the first time that hmac-md5 has been requested so a local solution is appropriate for now.
From https://github.com/golang/crypto/blob/master/ssh/common.go#L52
Unfortunately this is wishful thinking. ssh servers should not use old ciphers,
but sometimes they do, and we still need to manage them. Sometimes we
have no control over the server implementation -- in this instance it's
Mikrotik routers. Deprecated ciphers are still useful in this circumstance
even though in an ideal world this would not be the case.
I'd work on making a patch, but as this appears to be a conscious choice
I want to check here first to make sure I'm not wasting my time if it would
be rejected out of hand.
The text was updated successfully, but these errors were encountered: