stribika

Actually GCM is no good because for some reason SSH doesn't encrypt the message size field when using GCM. Nothing wrong with GCM in general as far as I know....

I don't think you should make them world readable, they have to be kept private. When you look at them later, you may not know how long they were readable...

If you make them world readable, you must never use them again. The only reason I can see for keeping them is if you want to re-enable them later without...

Creating empty world readable files are fine. This is somewhat similar to the broken symlink trick that used to be there but I removed it since the regenerated config files...

The easiest would be to let it generate keys (don't do the broken symlink trick) but make sure sshd_config won't use them.

If you have an SSH hidden service then you will see everyone connecting from localhost. Restricting features for keys is still useful, thanks.

Don't publish user names. Although disabling password login makes brute forcing passwords infeasible even with known user names, they can be useful in other contexts. Could be used to guess...

This looks really bad. It also affects all the etm cbc algos too. Thanks for letting me know ,i'll update it today.

I can confirm it's reproducible. I retried the job several times to fix earlier errors before getting to this point, maybe that could have confused it. If I go ahead...

I modified my lxc-local script to autodetect compression, it just involves using `tar -a` instead of `tar -J`, but I'm not sure of the portability implications. PR is here: https://github.com/lxc/lxc/pull/4590