pub-solar/os
5
0
Fork 2
Code Issues 4 Pull requests Packages Projects 1 Releases Wiki Activity

flora-6: add back openssh MACs that got removed #233

Merged
b12f merged 1 commit from infra-openssh-mac-defaults into infra 2023-07-07 12:43:52 +00:00
Conversation 0 Commits 1 Files changed 1 +8
teutat3s commented 2023-07-07 12:37:43 +00:00
Owner
Copy link

from defaults

NixOS default openssh MACs have changed to use "encrypt-then-mac" only.
This breaks compatibilty with clients that do not offer these MACs. For
compatibility reasons, we add back the old defaults.
See: https://github.com/NixOS/nixpkgs/pull/231165

https://blog.stribik.technology/2015/01/04/secure-secure-shell.html
https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67

from defaults NixOS default openssh MACs have changed to use "encrypt-then-mac" only. This breaks compatibilty with clients that do not offer these MACs. For compatibility reasons, we add back the old defaults. See: https://github.com/NixOS/nixpkgs/pull/231165 https://blog.stribik.technology/2015/01/04/secure-secure-shell.html https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
teutat3s added 1 commit 2023-07-07 12:37:44 +00:00
flora-6: add back openssh MACs that got removed
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
6fd2903516 
from defaults

NixOS default openssh MACs have changed to use "encrypt-then-mac" only.
This breaks compatibilty with clients that do not offer these MACs. For
compatibility reasons, we add back the old defaults.
See: https://github.com/NixOS/nixpkgs/pull/231165

https://blog.stribik.technology/2015/01/04/secure-secure-shell.html
https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
axeman approved these changes 2023-07-07 12:43:42 +00:00
axeman left a comment
Owner
Copy link

🚢

🚢
b12f approved these changes 2023-07-07 12:43:46 +00:00
b12f left a comment
Owner
Copy link

LGTM

LGTM
b12f merged commit a25d399575 into infra 2023-07-07 12:43:51 +00:00
b12f deleted branch infra-openssh-mac-defaults 2023-07-07 12:43:52 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
axeman
b12f
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: pub-solar/os#233
No description provided.
Delete branch "infra-openssh-mac-defaults"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?