On Mon 10 Jun 2002 13:24, Mark Janssen wrote: > Run the ssh daemon with debugging on (2 levels or more) and check the > output: > > sshd -d -d -d -p <someport> > ssh -v -p <someport> 127.0.0.1 > > Look at all the pretty output... > <snipped>
Yeah, after I wrote that message, I tried to connect with a cipher that SSH *doesn't* support (namely Twofish), and I got something similar in my /var/log/messages: Jun 10 12:52:38 firegate sshd[2741]: fatal: no matching cipher found: client twofish-cbc server aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc, rijndael256-cbc,[EMAIL PROTECTED] > > 2) The SHA1-96 hash should be better than MD5-96, correct? > > I'll make no statements about that... Hmm... everything I've read so far suggests SHA1(-96) is more secure Than MD5(-96) but if there's something I am missing, clue me in. :) Most of those dox were PGP-related, although I suppose that doesn't matter much, same principle. > > 3) Any reason you *wouldn't* want to use compression in SSH? > > If you are using it over fast networks or slow systems... as > opposed to using it over modems and fast systems... It all depends > on your requirements. Well, this is a fast (10Mbps) LAN connection on a fairly slow (486 66MHz) system. > Also, if using ssh for file-transfer or allready compressed files, > compressing them again will only cost cpu cycles... Ahh, yes... OK. I forgot all about pre-compressed files, so that makes sense now. Thanks, Jeff Bonner -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
