[Users] Default cipher in vzmigrate
Scott Dowdle
dowdle at montanalinux.org
Thu Oct 17 16:19:37 PDT 2013
Greetings,
----- Original Message -----
> Is there any acceptable reason to use 'blowfish' cipher in vzmigrate?
> We are deny any incoming connection which doesn't use one of the
> following cipher:
>
> aes256-ctr,aes192-ctr,aes128-ctr
>
> This is a security rule our company. When we upgrade vzctrl package,
> I have to remove the cipher option from SSH_OPTIONS because
> overwritten when upgrade done.
>
> from: SSH_OPTIONS="-c blowfish -o BatchMode=yes"
> to: SSH_OPTIONS="-o BatchMode=yes"
>
> Can you ship official vzmigrate without cipher definition?
Do you migrate containers outside of your network or from outside into your network? That isn't a very common thing I don't think.
TYL,
--
Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]
More information about the Users
mailing list