-
Notifications
You must be signed in to change notification settings - Fork 404
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request: disable weak and suspect crypto #304
Comments
Not a developer on this project, but I try to help issues along in projects I use when I spot things! So tossing this over the wall without even stripping out the ANSI escape codes which make the file gibberish here on github is not the most approachable to getting this worked efficiently, and this could likely have been better handled as a pull request instead. This 'audit' is very subjective and pushes for as many restrictions as possible even when there's not a large corpus of evidence for some of the suggestions or when the items in question are still mandatory to the protocol.
The above should hopefully help whatever dev picks this up at least know what's in the attached audit log. |
This discussion is pretty tedious. Here isn't a newspaper comments page. [this was response to some now deleted rubbish comments]
I'll be disabling the sha1 algos by default. I don't think any other changes are required.
|
Crypto flaws and suspect crypto are hard for the normal user to understand or even easily research. It would be nice if the out of the box defaults were to disable any suspect or weak crypto. The attached file is the log of "ssh-audit" run against dropbear_2024.85.
ssh-audit.log
The text was updated successfully, but these errors were encountered: