diff options
| author | Sebastian Deiss <sdeiss@haw-landshut.de> | 2014-08-25 16:52:06 +0200 |
|---|---|---|
| committer | Sebastian Deiss <sdeiss@haw-landshut.de> | 2014-08-25 16:52:06 +0200 |
| commit | b076c10d00ee2cb4d465291a4ef0a4be9f048d9a (patch) | |
| tree | c600560c45df7d2ef8c2e10d4e8e6c46c2ec3b4b | |
| parent | 90ba61cf29f1bc46736a2f00ded8352a22ec9b60 (diff) | |
reorder key exchange methods to increase security
| -rw-r--r-- | paramiko/transport.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/paramiko/transport.py b/paramiko/transport.py index 86c9130c..65c1af79 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -95,7 +95,7 @@ class Transport (threading.Thread): 'aes256-cbc', '3des-cbc', 'arcfour128', 'arcfour256') _preferred_macs = ('hmac-sha1', 'hmac-md5', 'hmac-sha1-96', 'hmac-md5-96') _preferred_keys = ('ssh-rsa', 'ssh-dss', 'ecdsa-sha2-nistp256') - _preferred_kex = ( 'diffie-hellman-group1-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group-exchange-sha1' ) + _preferred_kex = ( 'diffie-hellman-group14-sha1', 'diffie-hellman-group-exchange-sha1' , 'diffie-hellman-group1-sha1') _preferred_compression = ('none',) _cipher_info = { @@ -230,11 +230,11 @@ class Transport (threading.Thread): if self.use_gss_kex: self.kexgss_ctxt = GSSAuth("gssapi-keyex", gss_deleg_creds) self._preferred_kex = ('gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==', - 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==', 'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==', + 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==', 'diffie-hellman-group-exchange-sha1', - 'diffie-hellman-group1-sha1', - 'diffie-hellman-group14-sha1') + 'diffie-hellman-group14-sha1', + 'diffie-hellman-group1-sha1') # state used during negotiation self.kex_engine = None |