[
https://issues.apache.org/jira/browse/GUACAMOLE-407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16195816#comment-16195816
]
Sven Gottwald commented on GUACAMOLE-407:
-----------------------------------------
Mhh, according to the website https://www.libssh2.org/ libssh2 supports all
kind of kind of key exchange methods and MAC hashes:
{code:java}
Key Exchange Methods: diffie-hellman-group1-sha1, diffie-hellman-group14-sha1,
diffie-hellman-group-exchange-sha1, diffie-hellman-group-exchange-sha256
MAC hashes: hmac-sha2-256, hmac-sha2-512, hmac-sha1, hmac-sha1-96, hmac-md5,
hmac-md5-96, hmac-ripemd160 ([email protected]), none
{code}
But guacamole uses only the old ones.
> Support "modern" ssh crypto - only SHA1 is available
> ----------------------------------------------------
>
> Key: GUACAMOLE-407
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-407
> Project: Guacamole
> Issue Type: Improvement
> Components: SSH
> Affects Versions: 0.9.13-incubating
> Environment: guacamole 0.9.13-incubating under docker
> https://hub.docker.com/r/guacamole/guacamole/
> Reporter: Sven Gottwald
>
> It seems that guacamole doesn't support any "modern" ssh crypto.
> The following key exchange methods are supported:
> * diffie-hellman-group14-sha1
> * diffie-hellman-group-exchange-sha1
> * diffie-hellman-group1-sha1
> The following MACs are supported:
> * hmac-sha1,hmac-sha1-96
> * hmac-md5,hmac-md5-96
> * hmac-ripemd160
> * [email protected]
> Guacamole SHOULD support modern crypto like SHA2 and curve25519, see
> https://wiki.mozilla.org/Security/Guidelines/OpenSSH for more information and
> references.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
