[CentOS] SSH Weak Ciphers
Leonard den Ottolander
leonard at den.ottolander.nl
Wed Oct 19 15:30:09 UTC 2016
Hello Clint,
On Wed, 2016-10-19 at 11:28 +1300, Clint Dilks wrote:
> The following weak client-to-server encryption algorithms are supported by
> the remote service:
> rijndael-cbc at lysator.liu.se
> arcfour256
> arcfour128
> aes256-cbc
> 3des-cbc
> aes192-cbc
> blowfish-cbc
> cast128-cbc
> arcfour
> aes128-cbc
Where did you get the idea that AES (~ Rijndael) is a weak cipher?
RC4 (arcfour) is indeed considered insecure and Blowfish uses a block
size that is too small for comfort. CAST-128 might still be quite usable
and even though triple DES only provides about 80 bits of security it is
still not considered broken.
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the CentOS
mailing list