Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support hmac-sha2-512-etm@openssh.com cipher #8555

Closed
cyberduck opened this issue Feb 6, 2015 · 1 comment
Closed

Support hmac-sha2-512-etm@openssh.com cipher #8555

cyberduck opened this issue Feb 6, 2015 · 1 comment

Comments

@cyberduck
Copy link
Collaborator

@cyberduck cyberduck commented Feb 6, 2015

5586502 created the issue

This is in the line of tickets #8488, #8528 and #8537, but not as urgent as the key exchange algorithms.

Standard procedure with hmac-sha-512 is to Encrypt-and-Mac, which might lead to some side channel attacks, according to https://stribika.github.io/2015/01/04/secure-secure-shell.html

Encrypt-then-Mac should fix that. Personally I only care about the 512-bit version of that MAC, but if it is easy to add, hmac-sha2-256-etm@openssh.com can be included as well for compatibility.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Jun 5, 2020

@dkocher commented

Support was added upstream in 4de9f8ab9fd1e8c7a3c9b4fb0d5f82d58eb4c0a0.

@cyberduck cyberduck closed this Jun 5, 2020
@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants