Groups | Search | Server Info | Keyboard shortcuts | Login | Register
Groups > linux.debian.security > #6417
| Path | csiph.com!weretis.net!feeder8.news.weretis.net!srl.newsdeef.eu!news.corradoroberto.it!gothmog.csi.it!bofh.it!news.nic.it!robomod |
|---|---|
| From | Stephan Verbücheln <verbuecheln@posteo.de> |
| Newsgroups | linux.debian.security |
| Subject | Use ~/.ssh/config |
| Date | Tue, 13 May 2025 14:20:01 +0200 |
| Message-ID | <KLWM1-2Pst-3@gated-at.bofh.it> (permalink) |
| References | <KLUhb-2Nl7-11@gated-at.bofh.it> <KLVPY-2OQT-5@gated-at.bofh.it> |
| X-Mailbox-Line | From debian-security-request@lists.debian.org Tue May 13 12:11:44 2025 |
| Old-Return-Path | <verbuecheln@posteo.de> |
| X-Amavis-Spam-Status | No, score=-13.859 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, LDO_WHITELIST=-5, PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SARE_MSGID_LONG40=0.637] autolearn=ham autolearn_force=no |
| X-Policyd-Weight | using cached result; rate: -5.5 |
| Content-Type | multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-dXw6nrsP6U5HoqtrXXay" |
| MIME-Version | 1.0 |
| X-Mailing-List | <debian-security@lists.debian.org> archive/latest/29616 |
| List-ID | <debian-security.lists.debian.org> |
| List-URL | <https://lists.debian.org/debian-security/> |
| List-Archive | https://lists.debian.org/msgid-search/a13c7d7ed3f3f98e7462ea737e2c8eb9a8d17f16.camel@posteo.de |
| Approved | robomod@news.nic.it |
| Lines | 36 |
| Organization | linux.* mail to news gateway |
| Sender | robomod@news.nic.it |
| X-Original-Date | Tue, 13 May 2025 12:11:24 +0000 |
| X-Original-Message-ID | <a13c7d7ed3f3f98e7462ea737e2c8eb9a8d17f16.camel@posteo.de> |
| X-Original-References | <c5cdd23ac4f6079f011d5f86d81e945d@posteo.de> <df87848c-b867-4400-818a-041c2eae2ff4@debian.org> |
| Xref | csiph.com linux.debian.security:6417 |
Show key headers only | View raw
[Multipart message — attachments visible in raw view] - view raw
On Tue, 2025-05-13 at 11:39 +0100, Chris Boot wrote: > I don't think that your software _should_ offer cipher selection > options to override SSH defaults at all, instead just using the > default options. I second this. This way, the secure defaults will evolve over time with future releases of OpenSSH and Debian. If necessary, I recommend to define non-default settings on a per-host basis in: ~/.ssh/config This is out of scope for rsync and Back in Time. Regards Stephan
Back to linux.debian.security | Previous | Next — Previous in thread | Find similar
SHH Cipher recommendations and "prohibitions" from Debian? c.buhtz@posteo.jp - 2025-05-13 11:40 +0200 Re: SHH Cipher recommendations and "prohibitions" from Debian? Bartosz Fenski <bartosz@fenski.pl> - 2025-05-13 12:50 +0200 Re: SHH Cipher recommendations and "prohibitions" from Debian? c.buhtz@posteo.jp - 2025-05-13 13:20 +0200 Use ~/.ssh/config Stephan Verbücheln <verbuecheln@posteo.de> - 2025-05-13 14:20 +0200
csiph-web