Hello All, I am using OpenSSH compression for compressing data between PostgreSQL servers. I am using following command,
ssh -c arcfour,blowfish-cbc -4 -2 -v -C -L 3304:localhost:5432 user@server2 I want to know if vulnerability CRIME which attacks SSL deflate compression algorithm is a threat to SSH compression too? After reading around a bit , i could find that it is a possibility that SSH can be affected by CRIME. So , can someone please confirm if CRIME vulnerability exists for SSH compression? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
