rawsettings » Revisions »
Differences
This shows you the differences between the selected revisions of the page.
| 2024-08-25 | 2024-10-23 (current) | ||
| Restored revision 1710153462. Undoing revision 1724576039. (martin) (hidden) | chacha20 and aesgcm ciphers + current default order (martin) | ||
| Line 33: | Line 33: | ||
| | ''==AddressFamily=='' | [[ui_login_connection#ipv|Internet Protocol Version]] | ''0'' = Auto, ''1'' = IPv4, ''2'' = IPv6 | | | ''==AddressFamily=='' | [[ui_login_connection#ipv|Internet Protocol Version]] | ''0'' = Auto, ''1'' = IPv4, ''2'' = IPv6 | | ||
| | ''SshNoUserAuth'' | [[ui_login_authentication#bypassing|Bypass authentication entirely]] | ''0''/''off'' = Disabled, ''1''/''on'' = Enabled | | | ''SshNoUserAuth'' | [[ui_login_authentication#bypassing|Bypass authentication entirely]] | ''0''/''off'' = Disabled, ''1''/''on'' = Enabled | | ||
| - | | ''==Cipher=='' | [[ui_login_ssh#encryption_options|SSH encryption cipher selection policy]] | Comma-separated list of cipher preference order, where names of ciphers are ''aes'', ''blowfish'', ''3des'', ''arcfour'' and ''des''. Token ''WARN'' is used to delimit substandard ciphers. Example: ''blowfish,aes,3des,WARN,arcfour,des'' | | + | | ''==Cipher=='' | [[ui_login_ssh#encryption_options|SSH encryption cipher selection policy]] | Comma-separated list of cipher preference order, where names of ciphers are ''aes'', ''chacha20'', ''aesgcm'', ''3des'', ''des'', ''blowfish'' and ''arcfour''. Token ''WARN'' is used to delimit substandard ciphers. Example: ''blowfish,aes,3des,WARN,arcfour,des'' | |
| | ''==KEX=='' | [[ui_login_kex|Key exchange algorithm selection policy]] | Comma-separated list of KEX preference order, where names of KEXes are ''ecdh'' (ECDH), ''dh-gex-sha1'' (DH Group Exchange), ''dh-group14-sha1'' (DH group 14), ''rsa'' (RSA-based), and ''dh-group1-sha1'' (DH group 1). Token ''WARN'' is used to delimit substandard KEXes. Example: ''ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1'' | | | ''==KEX=='' | [[ui_login_kex|Key exchange algorithm selection policy]] | Comma-separated list of KEX preference order, where names of KEXes are ''ecdh'' (ECDH), ''dh-gex-sha1'' (DH Group Exchange), ''dh-group14-sha1'' (DH group 14), ''rsa'' (RSA-based), and ''dh-group1-sha1'' (DH group 1). Token ''WARN'' is used to delimit substandard KEXes. Example: ''ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1'' | | ||
| | ''==HostKey=='' | Host key algorithm selection policy | Comma-separated list of algorithm preference order, where names of algorithms are ''ed448'', ''rsa'', ''dsa'', ''ecdsa'' and ''ed25519''. Token ''WARN'' can used to delimit substandard algorithms. Example: ''ed448,ed25519,ecdsa,rsa,dsa,WARN'' | | | ''==HostKey=='' | Host key algorithm selection policy | Comma-separated list of algorithm preference order, where names of algorithms are ''ed448'', ''rsa'', ''dsa'', ''ecdsa'' and ''ed25519''. Token ''WARN'' can used to delimit substandard algorithms. Example: ''ed448,ed25519,ecdsa,rsa,dsa,WARN'' | | ||