djm's personal weblog

A couple of weeks ago I described the host key rotation support forthcoming in OpenSSH 6.8. Almost immediately after smugly declaring ...

Update: Two things that I neglected to mention in the above: 1) host keys that are not offered as part of the server->client notificati...

Once again their are proposals for mandatory retention of Australian Internet data to improve domestic surveillance. I think these are a t...

OpenSSH 6.5 will introduce some new options to allow the client to canonicalise unqualified domain names, allowing it (for example) to unde...

I just (belatedly) rotated my PGP keys. The old ID was 86FF9C48 and the new 6D920D30 with a fingerprint of 59C2 118E D206 D927 E667 EBE3 D...

Recently, I committed support for a new authenticated encryption cipher for OpenSSH, chacha20-poly1305@openssh.com . This cipher combines t...