--- sshd.c.orig	Mon Dec 13 20:27:21 1999
+++ sshd.c	Mon Dec 13 20:28:45 1999
@@ -1496,8 +1496,10 @@
   /* Read clients reply (cipher type and session key). */
   packet_read_expect(SSH_CMSG_SESSION_KEY);
 
-  /* Get cipher type. */
+  /* Get cipher type and check whether we accept this. */
   cipher_type = packet_get_char();
+  if (!(cipher_mask() & (1 << cipher_type)))
+    packet_disconnect("Warning: client selects unsupported cipher.");
 
   /* Get check bytes from the packet.  These must match those we sent earlier
      with the public key packet. */
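Review bot: The new check on the line after `cipher_type = packet_get_char();` shifts by a value the client supplies, and `1 << cipher_type` is undefined once that value reaches the width of `int`. An out-of-range cipher number is therefore not reliably rejected; on hardware that wraps the shift count, it could land on a bit that is set in the mask. Range-check before shifting, e.g. `if (cipher_type >= 32 || !(cipher_mask() & (1U << cipher_type)))`, assuming the mask is 32 bits wide. The declarations of `cipher_type` and `cipher_mask()` are not visible here, so confirm the bound and the signedness against them (a signed `cipher_type` would also need a `< 0` test). The enclosing function begins and ends outside this hunk.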
