Re: Security Advice für OpenSSL im Basissystem?

From: Christian Weisgerber <naddy(at)>
Date: Fri, 17 Oct 2014 11:39:28 +0000 (UTC)

On 2014-10-17, Peter Ross <Peter.Ross(at)> wrote:

> `make OPENSSL=no` has now been introduced for a reduced configuration
> OpenSSH to be built without OpenSSL, which would leave you with no legacy
> SSH-1 baggage at all, and on the SSH-2 front with only AES-CTR and
> chacha20+poly1305 ciphers, ECDH/curve25519 key exchange and Ed25519 public
> keys."
> Das sollte eigentlich bei mir gehen - ich "spreche" eh nur mit moderner
> Technik (meist FreeBSD oder Linux).

... wo die mitgelieferte OpenSSH-Version oft viele Versionen
hinterherhinkt; z.B. kann die von FreeBSD 10.0 kein chacha20+poly1305,
Curve25519 oder Ed25519.

Christian "naddy" Weisgerber                          naddy(at)
To Unsubscribe: send mail to majordomo(at)
with "unsubscribe de-bsd-questions" in the body of the message
Received on Fri 17 Oct 2014 - 13:39:43 CEST

search this site