ssh: prefer sha256 based MAC algorithms

sha256 is more optimized than sha512 in Go and is secure enough so prefer sha256 over sha512. Fixes golang/go#61138 Change-Id: I7658808655367f1ab5f4ac8b52e6b20bd30ebf87 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507555 Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Joedian Reid <joedian@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
author: Nicola Murino <nicola.murino@gmail.com> 2023-07-01 19:22:34 +0200
committer: Gopher Robot <gobot@golang.org> 2023-07-05 20:33:07 +0000
commit: 23b1b90df264a1df9c6403fa1ad13fda18fdb152 (patch)
tree: c7dbd0bbcb7f6d37bce05d6ad863d7543ac441b1
parent: e98487292dcad4efaa6033b245ee014f90d177a2 (diff)
download: go-x-crypto-23b1b90df264a1df9c6403fa1ad13fda18fdb152.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/ssh/common.go b/ssh/common.go
index 9ba6e10..03ff0b3 100644
--- a/ssh/common.go
+++ b/ssh/common.go
@@ -85,7 +85,7 @@ var supportedHostKeyAlgos = []string{
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
 }
 
 var supportedCompressions = []string{compressionNone}
author	Nicola Murino <nicola.murino@gmail.com>	2023-07-01 19:22:34 +0200
committer	Gopher Robot <gobot@golang.org>	2023-07-05 20:33:07 +0000
commit	23b1b90df264a1df9c6403fa1ad13fda18fdb152 (patch)
tree	c7dbd0bbcb7f6d37bce05d6ad863d7543ac441b1
parent	e98487292dcad4efaa6033b245ee014f90d177a2 (diff)
download	go-x-crypto-23b1b90df264a1df9c6403fa1ad13fda18fdb152.tar.xz