Contributed by pitrh on from the SSH! SSLide closer! dept.
CVSROOT: /cvs Module name: src Changes by: markus@cvs.openbsd.org 2014/04/29 12:01:49 Modified files: usr.bin/ssh : Makefile.inc auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c usr.bin/ssh/lib: Makefile usr.bin/ssh/ssh: Makefile usr.bin/ssh/sshd: Makefile Log message: make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
This could mean a slimmer, standalone OpenSSH is on the horizon, but at this point it's likely more important that it makes life easier the OpenSSH developers when/if they want to explore other options to improve the build system and OpenSSH itself.
(Comments are closed)
By Anonymous Coward (141.136.122.219) on
Comments
By phessler (phessler) on why in god's name am I wearing pants?
Yes, that is correct (and the current default).
By markus (84.56.5.102) on
No.
OpenSSL and LibreSSL already have identical APIs and features from OpenSSH's point of view.
By Hirlimann Ludovic (86.217.131.148) ludovic@hirlimann.net on ludovic@hirlimann.net
Comments
By Anonymous Coward (2001:470:b01e:3:214:51ff:fe67:4efb) on
Since when does OpenBSD come with NSS?
Comments
By Noryungi (noryungi) on
> Since when does OpenBSD come with NSS?
http://www.openbsd.org/cgi-bin/cvsweb/ports/security/nss/
You should read about this thing called ''ports'' methinks...
Comments
By phessler (phessler) on why in god's name am I wearing pants?
> > Since when does OpenBSD come with NSS?
>
> http://www.openbsd.org/cgi-bin/cvsweb/ports/security/nss/
>
> You should read about this thing called ''ports'' methinks...
>
that is "NSS is available as a post-install step". SSH requires the things it use to be built-in. *THAT* is what "OpenBSD does not come with NSS" means.
Comments
By Noryungi (noryungi) on
> > > Since when does OpenBSD come with NSS?
> >
> > http://www.openbsd.org/cgi-bin/cvsweb/ports/security/nss/
> >
> > You should read about this thing called ''ports'' methinks...
> >
>
> that is "NSS is available as a post-install step". SSH requires the things it use to be built-in. *THAT* is what "OpenBSD does not come with NSS" means.
I stand corrected.
By brynet (Brynet) on http://brynet.biz.tm/
It only supports private keys in the new bcrypt kdf format, correct? I'd assume so, if ed25519 is the only key type supported at the moment.
Comments
By markus (84.56.5.102) on
yes & yes.
By Anonymous Coward (cnst) on http://it.slashdot.org/story/14/04/30/1822209/openssh-no-longer-has-to-depend-on-openssl