nixos/sshd: Remove algorithms that do MAC-then-encrypt
Algorithms with the -etm suffix calculate the MAC after encryption, which is generally considered safer.
This commit is contained in:
parent
a9611f3429
commit
537d611a75
1 changed files with 0 additions and 3 deletions
|
@ -365,9 +365,6 @@ in
|
|||
"hmac-sha2-512-etm@openssh.com"
|
||||
"hmac-sha2-256-etm@openssh.com"
|
||||
"umac-128-etm@openssh.com"
|
||||
"hmac-sha2-512"
|
||||
"hmac-sha2-256"
|
||||
"umac-128@openssh.com"
|
||||
];
|
||||
description = lib.mdDoc ''
|
||||
Allowed MACs
|
||||
|
|
Loading…
Reference in a new issue