https://bugzilla.mindrot.org/show_bug.cgi?id=3823
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Darren Tucker <[email protected]> --- (In reply to Adrian Jarc from comment #0) > If I disable certain mac algorithms on sshd and then try to connect > (on same device) to ssh with thiose disabled algorithms, SSH allows > me to do this. > > Scenario: > > I have disabled hmac-sha2-256 in sshd config on device. Then I try > establishing connection via ssh client on same device with '-m > hmac-sha2-256' flag. Instead of connection being rejected because > mac algorithm is not supported on server, Client just ignores this > flag and connects. > > Logs of what happens: [...] It's not actually using hmac-sha2-256. It's configured to use the aes128-gcm cipher, which has its own integrity checking and does not use an explicit MAC at all: > debug1: kex: server->client cipher: [email protected] MAC: <implicit> > compression: none > debug1: kex: client->server cipher: [email protected] MAC: <implicit> > compression: none (see https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL for a more complete description). > Logs of what should happen: [...] In this case, it's configured to use the aes128-ctr cipher, which is why the client's MAC configuration comes into play: > debug2: ciphers ctos: > aes128-ctr,[email protected],aes256-ctr,[email protected] > debug2: ciphers stoc: > aes128-ctr,[email protected],aes256-ctr,[email protected] > debug2: MACs ctos: hmac-sha2-512 > debug2: MACs stoc: hmac-sha2-512 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
