ssh: prefer sha256 based MAC algorithms sha256 is more optimized than sha512 in Go and is secure enough so prefer sha256 over sha512. Fixes golang/go#61138 Change-Id: I7658808655367f1ab5f4ac8b52e6b20bd30ebf87 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507555 Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Joedian Reid <joedian@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>

commit: 23b1b90df264a1df9c6403fa1ad13fda18fdb152 [log] [tgz]
author: Nicola Murino <nicola.murino@gmail.com> Sat Jul 01 19:22:34 2023 +0200
committer: Gopher Robot <gobot@golang.org> Wed Jul 05 20:33:07 2023 +0000
tree: c7dbd0bbcb7f6d37bce05d6ad863d7543ac441b1
parent: e98487292dcad4efaa6033b245ee014f90d177a2 [diff]
diff --git a/ssh/common.go b/ssh/common.go
index 9ba6e10..03ff0b3 100644
--- a/ssh/common.go
+++ b/ssh/common.go

@@ -85,7 +85,7 @@
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
 }
 
 var supportedCompressions = []string{compressionNone}
commit	23b1b90df264a1df9c6403fa1ad13fda18fdb152	[log] [tgz]
author	Nicola Murino <nicola.murino@gmail.com>	Sat Jul 01 19:22:34 2023 +0200
committer	Gopher Robot <gobot@golang.org>	Wed Jul 05 20:33:07 2023 +0000
tree	c7dbd0bbcb7f6d37bce05d6ad863d7543ac441b1
parent	e98487292dcad4efaa6033b245ee014f90d177a2 [diff]