<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 10/10/2013 02:03 AM, Mihály
Árva-Tóth wrote:<br>
</div>
<blockquote
cite="mid:CAFHacg2KcPpLBJy67P+FY-mWY2fZTkCnvuhdjf79G6psx=E2iQ@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<div dir="ltr">
<div>
<div>
<div>Hello,<br>
<br>
</div>
Is there any acceptable reason to use 'blowfish' cipher in
vzmigrate? We are deny any incoming connection which doesn't
use one of the following cipher:<br>
<br>
aes256-ctr,aes192-ctr,aes128-ctr<br>
<br>
</div>
This is a security rule our company. When we upgrade vzctrl
package, I have to remove the cipher option from SSH_OPTIONS
because overwritten when upgrade done.<br>
<br>
from: SSH_OPTIONS="-c blowfish -o BatchMode=yes"<br>
to: SSH_OPTIONS="-o BatchMode=yes"<br>
<br>
</div>
Can you ship official vzmigrate without cipher definition?<br>
</div>
</blockquote>
<br>
Simpler cipher usually improves transfer speed.<br>
<br>
Have you tried to use vzmigrate with say "--ssh=-c aes256-ctr"
option?<br>
</body>
</html>