Sorry - I missed this the first time around.
libssh does not support key re-exchange right now. The fact that libssh has the option of using openssl's cryptographic library does not help, as openssl does not implement the SSH protocol. I plan on implementing key re-exchange in libssh, but I'm busy with other projects right now, so don't hold your breath. Last I looked, it appeared to me that typically a key re-exchange renegotiates everything from scratch, which I agree sounds excessive. However, since it happens only every 1 GB (typically), it's not too much overhead. Mark R ---------------------------------------------------------------------------- -------------------------------------------------------------------- Mark Riordan Sr Software Developer T. 608.824.3632 | <mailto:[email protected]> [email protected] cid:[email protected] <http://www.ipswitchft.com/> www.IpswitchFT.com From: Aviv Zilberman [mailto:[email protected]] Sent: Monday, May 14, 2012 2:26 AM To: '[email protected]' Subject: RE: SSH key exchange in mid-session Any comment ? Someone ? From: Aviv Zilberman Sent: Tuesday, May 01, 2012 3:32 PM To: [email protected] Subject: SSH key exchange in mid-session Hello, I want to start using with libssh in order to achieve SSH communication. The problem is that the target SSH server (not SFTP server in my case) is also configuring to drop the session after 1G or 1 hour. I notice the following limitation of libssh in below link and I have 2 questions : http://www.libssh.org/archive/libssh/2012-04/0000001.html 1) As far as I understood from the RFC only the symmetric session key itself supposed to be exchange - no need to repeat the initialize handshake include asymmetric keys. I am right ? is it done automatically ? I think openssh support it so why libssh not ? 2) Assuming I would like to support it anyway. Is there a way to do so using libssh ? if so, what it is ? Thanks in advance, Aviv Zilberman.
<<image001.png>>
