27 Jan
2017
27 Jan
'17
6:26 p.m.
On 01/27/2017 10:03 AM, Leonard den Ottolander wrote:
To my astonishment the openssh versions on both C6 and C7 will by default negotiate an MD5 HMAC.
Cryptographers still consider MD5 secure for HMAC use. Wikipedia's references (currently 6, 7, and 8) in this article are useful:
https://en.wikipedia.org/wiki/Hash-based_message_authentication_code