Re: [9front] [patch] /sys/src/cmd/ssh.c notify user of unavailable cipher

9front - general discussion about 9front
 help / color / mirror / Atom feed

From: ori@eigenstate.org
To: unobe@cpan.org, 9front@9front.org
Subject: Re: [9front] [patch] /sys/src/cmd/ssh.c notify user of unavailable cipher
Date: Mon, 27 Apr 2020 16:17:13 -0700	[thread overview]
Message-ID: <0C39C1809DC1D57A53EE360E6670555B@eigenstate.org> (raw)
In-Reply-To: <50B506EB-6D46-4FA6-9651-270B96942ABA@cpan.org>

> As a follow-up: I started speaking with IT today. They're using the CIS CentOS Linux Benchmark v2.1.0, but the last check missed yhe faxt that an entire section, section 5.2.11, was removed. That section restricts ciphers but even the audit looks wrong considering what it describes. The latest version of the document, v2.2.0 does not restrict ciphers more than the defaults shipped with openssh, and so IT looks like they're fine with updating.
> 
> I'll still look into patching to provide better diagnostic info to yhe user when supported cipher/mac isn't available.

Ok -- If you don't get to it first, I'll probably take a look at doing proper negotiation
and maybe adding some more ciphers a couple of weeks down the road. I'll let you know when
I start thinking about it.

next prev parent reply	other threads:[~2020-04-27 23:17 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-21  4:46 Romano
2020-04-21  5:16 ` [9front] " Stanley Lieber
2020-04-21 18:46 ` cinap_lenrek
2020-04-21 22:42   ` Romano
2020-04-21 23:00     ` cinap_lenrek
2020-04-21 23:05       ` Romano
2020-04-21 23:25     ` cinap_lenrek
2020-04-22  1:04       ` ori
2020-04-22  5:40       ` Romano
2020-04-27 23:11         ` Romano
2020-04-27 23:17           ` ori [this message]
2020-04-28  6:18             ` hiro

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0C39C1809DC1D57A53EE360E6670555B@eigenstate.org \
    --to=ori@eigenstate.org \
    --cc=9front@9front.org \
    --cc=unobe@cpan.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).