3064 – Place algorithm at head of default list

Bug 3064 - Place algorithm at head of default list

Summary: Place algorithm at head of default list

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh (show other bugs)
Version:	8.0p1
Hardware:	Other All

Importance:	P5 enhancement
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2019-09-05 06:26 AEST by Christian Weisgerber
Modified:	2021-04-23 14:53 AEST (History)
CC List:	1 user (show)

See Also:

Attachments
ssh_prefer.diff (10.58 KB, patch) 2019-09-05 06:26 AEST, Christian Weisgerber	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Christian Weisgerber 2019-09-05 06:26:39 AEST

Created attachment 3318 [details]
ssh_prefer.diff

ssh_config(5) and sshd_config(5) already allow adding '+' and removing '-' an algorithm from the default list.  Oddly, I mostly find myself wanting to prefer an algorithm, i.e., place it at the head of the list without removing anything.  The attached patch adds this ability.  To prefer algorithms, prefix them with '^'.  E.g.:
 
  HostKeyAlgorithms ^ssh-ed25519
  Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com

Comment 1 Damien Miller 2019-09-06 13:03:52 AEST

This is ok djm and dtucker if you want to commit it yourself

Comment 2 Christian Weisgerber 2019-09-07 00:56:13 AEST

Committed.

Comment 3 Damien Miller 2021-04-23 14:53:09 AEST

closing resolved bugs as of 8.6p1 release