[Bug 1409798] Re: enable hmac-sha2-256, hmac-sha2-512 MAC algorithms
Launchpad Bug Tracker
1409798 at bugs.launchpad.net
Thu Feb 5 00:34:05 UTC 2015
This bug was fixed in the package dropbear - 2014.65-1ubuntu2
---------------
dropbear (2014.65-1ubuntu2) vivid; urgency=medium
* Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)
-- Richard Hansen <ubuntu-a7x at scientician.org> Wed, 04 Feb 2015 16:11:03 -0600
** Changed in: dropbear (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1409798
Title:
enable hmac-sha2-256, hmac-sha2-512 MAC algorithms
Status in dropbear package in Ubuntu:
Fix Released
Status in dropbear package in Debian:
New
Bug description:
Since version 2013.56, dropbear has supported the hmac-sha2-256 and
hmac-sha2-512 MAC algorithms, but they are disabled by default.
According to the dropbear changelog, enabling them is a matter of
uncommenting the following two lines in options.h:
/*#define DROPBEAR_SHA2_256_HMAC*/
/*#define DROPBEAR_SHA2_512_HMAC*/
Due to recent NSA revelations, some people are recommending users
disable certain algorithms. If the recommendations at
<https://stribika.github.io/2015/01/04/secure-secure-shell.html> are
followed, there are no MAC algorithms left that dropbear supports
unless hmac-sha2-256 and hmac-sha2-512 are enabled.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1409798/+subscriptions
More information about the Ubuntu-sponsors
mailing list