Talk:Security/Guidelines/OpenSSH: Difference between revisions
Jump to navigation
Jump to search
Gdestuynder (talk | contribs) No edit summary |
JanZerebecki (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
Shouldn't HostKeyAlgorithms 1) have ecdsa-sha2-nistp256-cert-v01@openssh.com after ecdsa-sha2-nistp384-cert-v01@openssh.com and 2) not list all openssh.com variants first but primarily order by algorithm? | |||
New suggestion: | New suggestion: | ||
<source> | |||
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256 | HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256 | ||
</source> | |||
-[[User:JanZerebecki|JanZerebecki]] ([[User talk:JanZerebecki|talk]]) 10:28, 2 March 2015 (PST) | -[[User:JanZerebecki|JanZerebecki]] ([[User talk:JanZerebecki|talk]]) 10:28, 2 March 2015 (PST) | ||
Revision as of 19:34, 2 March 2015
Shouldn't HostKeyAlgorithms 1) have ecdsa-sha2-nistp256-cert-v01@openssh.com after ecdsa-sha2-nistp384-cert-v01@openssh.com and 2) not list all openssh.com variants first but primarily order by algorithm?
New suggestion:
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256-JanZerebecki (talk) 10:28, 2 March 2015 (PST)