RE: SSH key algorithm updates

To: Max Horn <postbox%quendi.de@localhost>, denis bider <ietf-ssh3%denisbider.com@localhost>
Subject: RE: SSH key algorithm updates
From: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Date: Sat, 7 Nov 2015 00:43:43 +0000

Max Horn <postbox%quendi.de@localhost> writes:

>That's the rub, I can't really (don't have access to any Windows machine).

'strings ssh-app-name.exe'?  Since the identifiers are text strings, you don't
really need to run the binary.

>One last question: Right now I only list these user auth methods:

'none' is actually a bit of a problem since it's two different things, an auth
mode and a mode-query-mechanism.  I support 'none' as a query mechanism since
some clients don't work without it, but not as an auth mechanism, and I
suspect a number of other implementions listed as supporting 'none' wouldn't
actually let you in without a password either.  So perhaps this could be split
into 'none-as-auth' and 'none-as-query'.  I'd certainly be nervous about using
an implementation that had 'none-as-auth' enabled by default.

Peter.

Follow-Ups:
- Re: SSH key algorithm updates
  - From: Max Horn

References:
- Re: SSH key algorithm updates
  - From: denis bider
- Re: SSH key algorithm updates
  - From: Max Horn

Prev by Date: Re: SSH key algorithm updates
Next by Date: RE: New version of rsa-sha2-512 draft posted: no more DSA
Previous by Thread: Re: SSH key algorithm updates
Next by Thread: Re: SSH key algorithm updates
Indexes:

Home | Main Index | Thread Index | Old Index