IETF-SSH archive


Re: Fixing exchange of host keys in the SSH key exchange



Back on March 25th, I wrote (in the thread about making the client tell
the server what host keys it's able to authenticate using, pre-kex)

> Hmm, I think I'll give moussh a configuration option to send things
> before the ID string, for exactly that reason.

I've now done this.  See the -pre-banner command-line option and the
pre-banner config-file variable.

As the manpage notes,

                             Generating a line beginning `SSH-' with this
             mechanism will break the protocol; moussh contains no checks to
             ensure this isn't done.

I'm not sure whether I think this is the Right Thing.  I came down in
favour of this behaviour, but not by much; if anyone cares to argue in
favour of either position (either the above stance or making sure that
doesn't happen), I'd be interested.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
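The trade-off discussed in the message above, as an added example (not moussh code, and not from the original post): a receiver that skips pre-banner lines until the first line beginning `SSH-`, next to the sender-side check the manpage says moussh omits. All function names and sample strings are constructed for illustration; the `SSH-` prefix rule is the one from RFC 4253 section 4.2.

```python
ID_PREFIX = b"SSH-"

def read_identification(stream: bytes):
    """Receiver side: return (pre_banner_lines, id_line, leftover_bytes).

    Every line before the first one starting with SSH- is pre-banner text;
    everything after that line is handed to the binary packet layer.
    """
    pre, pos = [], 0
    while True:
        end = stream.find(b"\n", pos)
        if end < 0:
            raise ValueError("no identification string found")
        line = stream[pos:end].rstrip(b"\r")   # accept CRLF or bare LF
        pos = end + 1
        if line.startswith(ID_PREFIX):
            return pre, line, stream[pos:]
        pre.append(line)

def unsafe_pre_banner_lines(pre_banner: bytes):
    """Sender side: pre-banner lines a receiver would take for the ID string."""
    lines = [ln.rstrip(b"\r") for ln in pre_banner.split(b"\n")]
    return [ln for ln in lines if ln.startswith(ID_PREFIX)]

def build_greeting(pre_banner: bytes, ident: bytes, check: bool = True) -> bytes:
    """Assemble pre-banner plus ID string; check=False mimics the unchecked behaviour."""
    bad = unsafe_pre_banner_lines(pre_banner)
    if check and bad:
        raise ValueError("pre-banner line begins with SSH-: %r" % bad[0])
    if pre_banner and not pre_banner.endswith(b"\n"):
        pre_banner += b"\r\n"                  # keep the ID string on its own line
    return pre_banner + ident + b"\r\n"

if __name__ == "__main__":
    ident = b"SSH-2.0-example_1.0"             # constructed sample ID string
    ok = build_greeting(b"Maintenance at 02:00\r\n", ident)
    print(read_identification(ok))
    # Unchecked: the receiver locks onto the pre-banner line, and the real
    # ID string is left over to be misparsed as packet data.
    broken = build_greeting(b"SSH-is-great\r\n", ident, check=False)
    print(read_identification(broken))
```

With the check disabled, the receiver treats the pre-banner line as the identification string, so any version negotiation and the exchange hash are computed over the wrong value.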


