Talk:Security/Guidelines/OpenSSH: Difference between revisions
Jump to navigation
Jump to search
Gdestuynder (talk | contribs) (Created page with "Question by JanZerebecki Because i'm not permitted to create the discussion page, commenting here: Shouldn't HostKeyAlgorithms (above and below) 1) have ecdsa-sha2-nistp256-ce...") |
Gdestuynder (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
Question by JanZerebecki | Question by JanZerebecki | ||
Because i'm not permitted to create the discussion page, commenting here: Shouldn't HostKeyAlgorithms (above and below) 1) have ecdsa-sha2-nistp256-cert-v01@openssh.com after ecdsa-sha2-nistp384-cert-v01@openssh.com and 2) not list all openssh.com variants first but primarily order by algorithm? | Because i'm not permitted to create the discussion page, commenting here: Shouldn't HostKeyAlgorithms (above and below) 1) have ecdsa-sha2-nistp256-cert-v01@openssh.com after ecdsa-sha2-nistp384-cert-v01@openssh.com and 2) not list all openssh.com variants first but primarily order by algorithm? | ||
New suggestion: | New suggestion: | ||
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256 | HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256 | ||
-[[User:JanZerebecki|JanZerebecki]] ([[User talk:JanZerebecki|talk]]) 10:28, 2 March 2015 (PST) | -[[User:JanZerebecki|JanZerebecki]] ([[User talk:JanZerebecki|talk]]) 10:28, 2 March 2015 (PST) | ||
Revision as of 19:30, 2 March 2015
Question by JanZerebecki
Because i'm not permitted to create the discussion page, commenting here: Shouldn't HostKeyAlgorithms (above and below) 1) have ecdsa-sha2-nistp256-cert-v01@openssh.com after ecdsa-sha2-nistp384-cert-v01@openssh.com and 2) not list all openssh.com variants first but primarily order by algorithm?
New suggestion: HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256 -JanZerebecki (talk) 10:28, 2 March 2015 (PST)