- Triple DES has been formally deprecated in Kerberos (RFC 8429) and is soon to be deprecated in IPsec (RFC 8221).
- Blowfish is deprecated. FreeBSD doesn't support its successor (Twofish).
- MD5 is generally considered a weak digest that has known attacks.
geli refuses to create new volumes using these algorithms via
'geli init'. It also warns when attaching to existing volumes or
creating temporary volumes via 'geli onetime' . The plan is to
fully remove support for these algorithms in FreeBSD 13.