Hi. 1) in sshd_config(5): "rijndael-cbc@lysator.liu.se" seems to be missing from the list of supported algos for the Ciphers directive. "hmac-ripemd160@openssh.com" for the MACs directive. (If that's a synonym to hmac-ripemd160 it should probably be documented as well.) 2) in sshd_config(5): The Ciphers directive contains the text: > The list of available ciphers may also be obtained using the -Q > option of ssh(1). a) I guess this should perhaps be changed to: “-Q cipher” respectively “-Q cipher-auth” b) The directives KexAlgorithms and MACs, which correspond to Ciphers, and for which there is also a respective -Q option, completely miss that part and it should be given as well. The same should probably be done for the directive HostKeyAlgorithms in ssh_config(5). Cheers, Chris.
Partially fixed in https://github.com/openssh/openssh-portable/pull/5 The: >(If that's a synonym to hmac-ripemd160 >it should probably be documented as well.) is still open, though.
fixed; will be in openssh-6.8 commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d Author: djm@openbsd.org <djm@openbsd.org> Date: Mon Dec 22 09:05:17 2014 +0000 upstream commit mention ssh -Q feature to list supported { MAC, cipher, KEX, key } algorithms in more places and include the query string used to list the relevant information; bz#2288
openssh-6.8 is released