On 1/13/21 5:13 PM, Emiliano Gonzalez wrote:
Solved!!!
I'm using mbedcrypto and do not have ChaCha20-Poly1305. Disabling this
cypher works ok.
But it is allowed to enable in this situation ChaCha20 and
cipher->max_blocks = ((uint64_t)1 << 30) / cipher->blocksize crash with
division by zero.
Shouldn't this situation be controlled? It is not an error?
There were couple of bugs in chacha20-poly1350 implementation that
should be fixed with the following PR:
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/150
Can you check that the PR solves the for you?
Jakub
El mié, 13 de ene. de 2021 a la(s) 07:58, Jakub Jelen (jje...@redhat.com
<mailto:jje...@redhat.com>) escribió:
On 1/12/21 4:09 PM, Emiliano Gonzalez wrote:
> I have a ssh server.
>
> When I connect with the client on Fedora 32 ssh there are no
problems.
>
> With PuTTY: Release 0.74 I can't connect with error: Couldn't
agree a
> host key algorithm (available: rsa-sha2-512, rsa-sha2-256)
That sounds like an issue of PuTTY, that it can not use the RSA SHA2
hostkey algorithms from RFC8332.
As a workaround, you can configure your server with different hostkeys
(ed25519) so incompatible clients can connect too.
> From Centos 7 ssh server crash. In packet.c (line 1862):
>
> |/* For smaller blocks use limit of 1 GB as recommended in
RFC4253 */
> cipher->max_blocks = ((uint64_t)1 << 30) / cipher->blocksize; |
>
> cipher->blocksize is 0;
What cipher is used for this connection? There is no cipher that would
have blocksize == 0.
Can you get a debug log?
Regards,
--
Jakub Jelen
Senior Software Engineer
Crypto Team, Security Engineering
Red Hat, Inc.
--
Jakub Jelen
Senior Software Engineer
Crypto Team, Security Engineering
Red Hat, Inc.
