There are several confusions and misconceptions in the description. It may be 
possible to do what you describe - not sure though it would be standard or work 
with all servers. Unfortunately, I am out-of-office for the next two weeks, so 
we'll have to take this up then...
________________________________________
From: Alon Bar-Lev (JIRA) [j...@apache.org]
Sent: Friday, December 18, 2015 10:22 PM
To: dev@mina.apache.org
Subject: [jira] [Created] (SSHD-618) Support restricting server host key 
algorithms

Alon Bar-Lev created SSHD-618:
---------------------------------

             Summary: Support restricting server host key algorithms
                 Key: SSHD-618
                 URL: 
https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_SSHD-2D618&d=BQICaQ&c=Sqcl0Ez6M0X8aeM67LKIiDJAXVeAw-YihVMNtXt-uEs&r=HMhsGLKXv55xAmksY4SsQcYP_oPrfu1Vne__JKwWQvo&m=eiVyLWGmHfKd962NQXuTvZupZphaqQfKOl3TFyftA64&s=GVl19riE8ZYimdMabvP1G4-MZV4GUeFsBYXSAHfPddM&e=
             Project: MINA SSHD
          Issue Type: Improvement
    Affects Versions: 1.0.0, 1.1.0
            Reporter: Alon Bar-Lev


In the current implementation the signature factories affect all algorithms that 
can be used during a connection. There is no way of limiting only the server host 
key algorithm to be able to request a specific server key. This is required in 
order to connect to a pre-approved server using a weaker key.

It should be possible as in rfc4253 "Algorithm Negotiation" we have two fields 
one for available algorithms, and another for requesting a specific set of 
server keys which is subset of the available algorithms.

      name-list    kex_algorithms
      name-list    server_host_key_algorithms

In rfc4252 we have "Public Key Authentication Method:
"publickey"" "Public key algorithms are defined in the transport layer 
specification". So client public key types are subset of kex_algorithms.

As far as I understand if we set kex algorithms of rsa and nistp256
and force host key algorithms of rsa, we should be able to force
server to use weaker algorithm while client can use any of rsa and
nistp256.

To prove that I hacked the AbstractSession with:

     protected byte[] sendKexInit() throws IOException {
-        String resolvedAlgorithms = resolveAvailableSignaturesProposal();
+        //String resolvedAlgorithms = resolveAvailableSignaturesProposal();
+        //String resolvedAlgorithms = "ssh-rsa";
+        String resolvedAlgorithms = "ecdsa-sha2-nistp256";
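
Review bot: the literal assigned to resolvedAlgorithms on the last added line of sendKexInit() replaces the call to resolveAvailableSignaturesProposal(), so the resolved proposal is ignored and the offered host key algorithm can only be changed by recompiling. Read the restricted list from a session setting instead, fall back to resolveAvailableSignaturesProposal() when that setting is unset, and drop the two commented-out assignments.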

If I force ssh-rsa I receive ssh-rsa server key as expected.
If I force ecdsa-sha2-nistp256 I receive ecdsa-sha2-nistp256 server
key as expected while can authenticate using client ssh-rsa key, this
means that server and client are indeed detached.

Adding an option to specify a list of server host key type like "ssh-rsa" or 
"ecdsa-sha2-nistp256" will be nice as once having a pre-approved server keys, 
we can enforce them easily without transformation/guessing signature algorithm.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)