[kstrauser]

As long as we’re walking down this road, you also don’t encrypt with Argon2. It’s a hashing function, specialized for passwords.

[z_]

And chacha20-poly1305 is listed in the SSH MiTM issue.

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19...

[radlad]

Wireguard also uses ChaCha20-Poly1305, but I am not sure it's relevant? I believe that attack is specific to SSH:

"The attack exploits weaknesses in the specification of SSH paired with widespread algorithms, namely ChaCha20-Poly1305 and CBC-EtM, to remove an arbitrary number of protected messages at the beginning of the secure channel, thus breaking integrity."

[0] https://arstechnica.com/security/2023/12/hackers-can-break-s...