Attachment 929 Details for Bug 1056 – path to set 4k minimum rekeylimit, add to ssh_config man page

[patch] path to set 4k minimum rekeylimit, add to ssh_config man page

openssh-4.1p1-rekeylimit.patch (text/plain), 1.27 KB, created by Jan Iven on 2005-06-17 01:29:11 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Jan Iven

Created: 2005-06-17 01:29:11 AEST

Size: 1.27 KB

patch

obsolete

># adjust minimum rekey window to 4k, so that session init has a chance
># to get through
>--- openssh-4.1p1-orig/readconf.c     2005-03-14 13:08:12.000000000 +0100
>+++ openssh-4.1p1/readconf.c  2005-06-10 23:27:03.000000000 +0200
>@@ -485,6 +519,10 @@
> 		}
> 		if (*activep && *intptr == -1)
> 			*intptr = value;
>+		if ((*intptr) < 4096) {
>+			verbose("adjusting RekeyLimit to minimum of 4k");
>+			*intptr = 4096;
>+		}
> 		break;
> 
> 	case oIdentityFile:
>
>--- openssh-4.1p1-bricolage/ssh_config.5        2005-03-31 13:31:10.000000000 +0200
>+++ openssh-4.1p1/ssh_config.5  2005-06-16 17:09:06.000000000 +0200
>@@ -625,6 +625,21 @@
> The default is
> .Dq yes .
> This option applies to protocol version 2 only.
>+.It Cm RekeyLimit
>+Specifies how much data may be transmitted before the session key has
>+to be re-negotiated. The argument must be the number of bytes, with an
>+optional postfix of
>+.Dq K
>+.Dq M
>+.Dq G
>+to indicate  Kilo/Mega/Gigabytes. Minimum value is 4k, anything below
>+is silently upped to 4k.
>+The default is between
>+.Dq 1G
>+and
>+.Dq 4G
>+, depending on the Cipher.
>+Note that this option applies to protocol version 2 only.
> .It Cm RemoteForward
> Specifies that a TCP/IP port on the remote machine be forwarded over
> the secure channel to the specified host and port from the local machine.

Actions: View | Diff

Attachments on bug 1056: 929 | 1015