tomaswolf opened a new pull request #204: URL: https://github.com/apache/mina-sshd/pull/204
Provide a default implementation for the server-side SSH_MSG_EXT_INFO message sending including the server-sig-algs KEX extension.[1] A server that implements the rsa-sha2-512 or rsa-sha2-256 signature algorithms should implement this extension, otherwise even clients that also have these signature algorithms may fall back to ssh-rsa to avoid authentication penalties.[2] Apache MINA sshd servers by default do implement the SHA-2 RSA signatures, and an Apache MINA sshd client by default does request KEX extension information and does handle the server-sig-algs extension. So an Apache MINA sshd server should by default implement this extension. This implementation sends the server-sig-algs extension record once at the end of the initial key exchange. [1] https://tools.ietf.org/html/rfc8308 [2] https://tools.ietf.org/html/rfc8332#section-3.3 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org