reorder openssh KEX algorithms by relevance of security decending
authorAaron Zauner <azet@azet.org>
Tue, 3 Dec 2013 20:32:16 +0000 (21:32 +0100)
committerAaron Zauner <azet@azet.org>
Tue, 3 Dec 2013 20:32:16 +0000 (21:32 +0100)
src/practical_settings/mailserver.tex

index 376e819..02d9098 100644 (file)
@@ -403,7 +403,7 @@ There already is a working patch to provide support:\\
        ServerKeyBits 4096
        Ciphers aes256-gcm@openssh.com aes128-gcm@openssh.com aes256-ctr aes128-ctr
        MACs umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
-       KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
+       KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
 \end{lstlisting}
 
 % XXX: curve25519-sha256@libssh.org only available upstream(!)