#
# Removes cast128-cbc support.
#
# At this moment this algorithm is not listed in Approved Security
# Technologies: Standards Details at all. Eventually it will be added as
# deprecated.
#
# SunSSH did not support cast128-cbc. In this respect removing cast128-cbc from
# OpenSSH doesn't constitute a regression in functionality from SunSSH.
#
# Interoperability gain provided by cast128-cbc is negligible, because all
# relevant ssh implementations also provide several more common encryption
# algorithms (aes256-ctr, aes128-cbc, ...) on top of cast128-cbc.
#
# Update Aug 29, 2016:
# This used to be implemented by Solaris specific macro WITHOUT_CAST,
# but now upstream OPENSSL_NO_CAST is used instead. This patch now just
# removes cast references from manpages.
#
# This is a Solaris specific patch and it is not likely to be accepted upstream.
#
--- orig/ssh_config.5 Mon Aug 15 17:22:20 2016
+++ new/ssh_config.5 Mon Aug 15 17:25:28 2016
@@ -478,8 +478,6 @@
.It
blowfish-cbc
.It
-cast128-cbc
-.It
chacha20-poly1305@openssh.com
.El
.Pp
--- orig/sshd_config.5 Mon Aug 15 17:22:29 2016
+++ new/sshd_config.5 Mon Aug 15 17:25:58 2016
@@ -479,8 +479,6 @@
.It
blowfish-cbc
.It
-cast128-cbc
-.It
chacha20-poly1305@openssh.com
.El
.Pp
--- orig/sshd.8 Mon Aug 15 17:22:36 2016
+++ new/sshd.8 Mon Aug 15 17:26:48 2016
@@ -307,7 +307,7 @@
forward security is provided through a Diffie-Hellman key agreement.
This key agreement results in a shared session key.
The rest of the session is encrypted using a symmetric cipher, currently
-128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
+128-bit AES, Blowfish, 3DES, Arcfour, 192-bit AES, or 256-bit AES.
The client selects the encryption algorithm
to use from those offered by the server.
Additionally, session integrity is provided