IETF-SSH archive
Re: SSH key algorithm updates
> Also, of course there are implementations missing (one notable
> is Bitvise's; I started work on that, but had a hard time finding
> a reliable source for what they actually support and what not).
If you can run a Windows executable, you can simply download our stuff from our website:
https://www.bitvise.com/
Both the client and the server are free for use that is both personal and non-commercial. The client goes further than that, and is also free for individual use in organizations.
The following is what a default SSH Server installation (latest version 6.43) supports and enables at the moment. All algorithms listed are supported. Only the "true" ones are enabled by default:
> q algs.*
With kex {
ecdhSecp256k1 true
ecdhNistp256 true
ecdhNistp384 true
ecdhNistp521 true
dhGexSha256 true
dhGexSha1 true
dhG1Sha1 false
dhG14Sha1 true
gssG1Sha1Krb5 false
gssG14Sha1Krb5 true
gssGexSha1Krb5 true
}
With encr {
aes256-ctr true
aes192-ctr true
aes128-ctr true
3des-ctr true
aes256-cbc false
aes192-cbc false
aes128-cbc false
3des-cbc false
none false
}
With mac {
hmac-sha2-256 true
hmac-sha1 true
hmac-md5 false
hmac-sha2-256-96 false
hmac-sha1-96 false
hmac-md5-96 false
none false
}
With cmpr {
zlib true
none true
delayCompression false
}
Supported host key algorithms are:
ssh-rsa
ssh-dss
ecdsa-sha2 over secp256k1
ecdsa-sha2 over nistp256
ecdsa-sha2 over nistp384
ecdsa-sha2 over nistp521
Algorithms supported by our client mirror those in the server.
denis
----- Original Message -----
From: Max Horn
Sent: Friday, November 6, 2015 03:08
To: ietf-ssh%NetBSD.org@localhost
Cc: Mark D. Baushke
Subject: Re: SSH key algorithm updates
Hi there,
just joined the list, but saw on the list archive that a few days ago,
Mark D. Baushke wrote on this thread:
> It would be useful to see what other protocols various SSH implementers
> have been adding and see if there is a desire to move any of them into a
> recommended or optional standard.
As a matter of fact, I started such a page some time ago:
http://ssh-comparison.quendi.de/
http://ssh-comparison.quendi.de/comparison.html
I tried my best to make it accurate, but of course cannot exclude mistakes.
Also, of course there are implementations missing (one notable is Bitvise's;
I started work on that, but had a hard time finding a reliable source for
what they actually support and what not).
Anyway, issue reports and pull requests (also with info on additional
implementations) are most welcome:
https://github.com/fingolfin/ssh-comparison
The comparison page shows for example that hmac-sha2-256 and hmac-sha2-512
support is quite good now; one notable SSH library not implementing it yet
in a released version is libssh2, but they will have it in the next release
(the code is in their repository already), which in turn should allow
various clients based on it to support it. Another exception is lsh.
Cheers,
max
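
An added example, not part of the thread and not Bitvise's own tooling: a parser for the `With <category> { ... }` settings dump quoted in the first message, which reports the enabled algorithms that a reviewer's policy marks as legacy. The function names and the `POLICY` table are assumptions made for illustration, and the sample input is a constructed excerpt of the quoted listing.

```python
import re
# Constructed sample: an excerpt of the listing quoted in the message.
SAMPLE = """\
With kex {
ecdhNistp256 true
dhGexSha1 true
dhG1Sha1 false
}
With encr {
aes256-ctr true
3des-ctr true
aes128-cbc false
}
With mac {
hmac-sha2-256 true
hmac-sha1 true
hmac-md5 false
}
"""

# Hypothetical review policy (an assumption, not from the message): name patterns to report.
POLICY = {"kex": r"sha1", "encr": r"3des|cbc|^none$", "mac": r"sha1|md5|^none$"}

def parse_algs(text):
    """Return {category: {algorithm: enabled}} for a 'With <cat> { ... }' dump."""
    result, current = {}, None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(">"):   # blank line or console prompt
            continue
        opened = re.fullmatch(r"With (\w+) \{", line)
        parts = line.split()
        if opened and current is None:
            current = result.setdefault(opened.group(1), {})
        elif line == "}" and current is not None:
            current = None
        elif current is not None and len(parts) == 2 and parts[1] in ("true", "false"):
            current[parts[0]] = parts[1] == "true"
        else:                                   # fail closed on anything unexpected
            raise ValueError(f"line {n}: cannot parse {line!r}")
    if current is not None:
        raise ValueError("unterminated block")
    return result

def enabled_legacy(algs, policy=POLICY):
    """List enabled algorithms whose names match the policy for their category."""
    return {cat: [a for a, on in algs.get(cat, {}).items()
                  if on and re.search(pat, a, re.I)]
            for cat, pat in policy.items()}
```

Calling `enabled_legacy(parse_algs(SAMPLE))` returns one list per policy category; algorithms that are supported but set to `false` are never reported.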