IETF-SSH archive


Re: Fixing exchange of host keys in the SSH key exchange



Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:

>Another possible benefit would be automatic defeat of host-key-gathering
>bots.  My logs are full of clients that connect, get my host key, and then
>disconnect.  A few of them are honest about what they're doing ("SSH-2.0-
>ZGrab ZGrab SSH Survey", or "SSH-2.0-OpenSSH-keyscan"); others are...less so
>("SSH-2.0-PUTTY"). Most just report a library version (eg, "SSH-2.0-
>sshlib-0.1").

I assume this is for weak-key-checking/key-sharing detection for research
purposes, or is there some malicious use for the info?

>I can't help wondering if perhaps this is time to use the uint32 in
>SSH_MSG_KEXINIT that is "0 (reserved for future extension)", though, rather
>than shoehorning it into something that's currently outside the protocol
>(almost) entirely.  I see no guidance in 4253 for implementation behaviour if
>that value isn't 0 - but see below.

I think this was discussed in the context of SSH extensions and the conclusion
was that far too many things would break if this was nonzero.  So even though
it's marked as RFU, in practice it's "always set to zero".

Peter.
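
Added example, not part of the original message or of any SSH implementation: a parser for the SSH_MSG_KEXINIT layout in RFC 4253 section 7.1, showing where the reserved uint32 discussed above sits and how a receiver might treat a nonzero value. The `strict_reserved` switch, `build_kexinit` and the sample algorithm lists are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
# The ten name-lists of RFC 4253 section 7.1, in wire order.
NAME_LIST_FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server", "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
)

def parse_kexinit(payload, strict_reserved=False):
    """Parse an SSH_MSG_KEXINIT payload (binary packet framing already removed)."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    msg = {"cookie": payload[1:17]}
    off = 17
    for field in NAME_LIST_FIELDS:
        if off + 4 > len(payload):
            raise ValueError(f"truncated before {field}")
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        if n > len(payload) - off:
            raise ValueError(f"{field} length {n} overruns payload")
        raw = payload[off:off + n].decode("ascii")
        msg[field] = raw.split(",") if raw else []
        off += n
    if len(payload) - off != 5:
        raise ValueError("expected boolean + uint32 after the name-lists")
    msg["first_kex_packet_follows"] = payload[off] != 0
    (msg["reserved"],) = struct.unpack_from(">I", payload, off + 1)
    # Assumption: a strict receiver rejects a nonzero reserved field;
    # a tolerant one returns the value and ignores it.
    if strict_reserved and msg["reserved"] != 0:
        raise ValueError(f"reserved field is {msg['reserved']}, expected 0")
    return msg

def build_kexinit(name_lists, reserved=0, follows=False):
    """Build a constructed KEXINIT payload with an all-zero cookie, for testing."""
    out = bytes([SSH_MSG_KEXINIT]) + bytes(16)
    for names in name_lists:
        body = ",".join(names).encode("ascii")
        out += struct.pack(">I", len(body)) + body
    return out + bytes([follows]) + struct.pack(">I", reserved)

# Constructed sample: one algorithm per list, empty language lists.
SAMPLE_LISTS = [["curve25519-sha256"], ["ssh-ed25519"], ["aes128-ctr"], ["aes128-ctr"],
                ["hmac-sha2-256"], ["hmac-sha2-256"], ["none"], ["none"], [], []]
```

Running the tolerant and strict modes over the same payload with `reserved=1` shows the interoperability split: one peer carries on, the other drops the key exchange.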

