d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
858178a142
freebsd-dev/release
History
Conrad Meyer 858178a142 Remove insecure ciphers from GCE sshd configuration 
They were added for unclear reasons in r277263.  The current OpenSSH
defaults (7.5+) are reasonable, and do not include the insecure rc4 cipher:

                   chacha20-poly1305@openssh.com,
                   aes128-ctr,aes192-ctr,aes256-ctr,
                   aes128-gcm@openssh.com,aes256-gcm@openssh.com,
                   aes128-cbc,aes192-cbc,aes256-cbc

I think I recall there being a reason for a specific list of ciphers on GCE
at the time, but I do not recall what it was, and cannot find any
current GCE documentation of such a list.

So, just revert the explicit configuration and use sane openssh defaults.

PR:		230092
Submitted by:	Gustavo Scalet <gustavo.scalet AT collabora.com>
MFC after:	3 days
Security:	yes
2018-07-28 19:35:49 +00:00
..
amd64 - Once we have shifted arguments up to thrice, base-bits-dir is $1 rather 2018-06-07 18:24:25 +00:00
arm Remove the hopelessly confused GUMSTIX.conf config 2018-07-27 19:25:09 +00:00
arm64 release: Add arm_install_boot to install the commit boot bits 2018-07-22 12:03:17 +00:00
i386 switch i386 memstick installer images to MBR 2018-04-12 19:00:22 +00:00
packages Simplify using bsd.endian.mk and have it provide CAP_MKDB_ENDIAN, since it is 2018-06-28 13:48:59 +00:00
picobsd spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
pkg_repos Update the pkg-stage target to be more compatible with pkg-1.2: 2014-01-16 16:12:09 +00:00
powerpc make-memstick.sh: put partition args on separate lines 2018-04-10 19:49:04 +00:00
scripts Change installer default to not install ports tree 2018-01-30 16:34:56 +00:00
sparc64 Add general configuration files used by release/release.sh for 2017-11-17 18:00:52 +00:00
tools Remove insecure ciphers from GCE sshd configuration 2018-07-28 19:35:49 +00:00
Makefile Fix the reldoc target in release/Makefile following doc commit r51264. 2017-12-07 20:00:19 +00:00
Makefile.azure Remove the HH-MM suffix from the build date suffix. 2015-07-01 14:51:26 +00:00
Makefile.ec2 fix use of empty in Makefile.ec2 2018-07-22 23:33:48 +00:00
Makefile.gce Add a special GCE_LICENSE variable to Makefile.gce, which when set, 2018-05-10 21:46:58 +00:00
Makefile.mirrors Update the GUMSTIX image build to use arm/arm TARGET/TARGET_ARCH. 2017-11-13 19:31:51 +00:00
Makefile.vagrant Add some comments with examples on how to build Vagrant images. 2017-02-01 16:15:23 +00:00
Makefile.vm Bump the size of virtual machine disk images from 20G to 30G, 2018-02-26 19:26:59 +00:00
rc.local Remove pc98 support completely. 2017-01-28 02:22:15 +00:00
release.conf.sample Correct a comment after r326330. 2017-11-28 18:08:14 +00:00
release.sh release: Add arm_install_boot to install the commit boot bits 2018-07-22 12:03:17 +00:00