version 1.366, 2015/11/15 22:26:49 |
version 1.367, 2016/02/16 05:11:04 |
|
|
and |
and |
.Fl 2 |
.Fl 2 |
options (see above). |
options (see above). |
Both protocols support similar authentication methods, |
Protocol 2 is the default. |
but protocol 2 is the default since |
Protocol 1 should not be used - it suffers from a number of cryptographic |
it provides additional mechanisms for confidentiality |
weaknesses and is only offered to support legacy devices. |
(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) |
|
and integrity (hmac-md5, hmac-sha1, |
|
hmac-sha2-256, hmac-sha2-512, |
|
umac-64, umac-128, hmac-ripemd160). |
|
Protocol 1 lacks a strong mechanism for ensuring the |
|
integrity of the connection. |
|
.Pp |
.Pp |
The methods available for authentication are: |
The methods available for authentication are: |
GSSAPI-based authentication, |
GSSAPI-based authentication, |