I'm glancing between the RFCs and the source to the ssh2d server, and I was hoping someone could help me clarify what's going on with ssh-dss.

[SSH-TRANS] section 6...

When the server sends its SSH_MSG_KEXDH_REPLY packet:

    byte      SSH_MSG_KEXDH_REPLY
    string    server public host key and certificates (K_S)
    mpint     f
    string    signature of H

What is the format of the last field (the signature)?

My understanding (from the spec, [SSH-TRANS] section 4.6) is that the string is actually formatted like this:

    uint32    length
    string    "ssh-dss"
    mpint     r
    mpint     s

However, according to the source code, it looks like the signature string is just a plain byte array with the format:

    byte[n]   r || s

where sizeof(r) == sizeof(s)

I've been running on this assumption for my client implementation, but the signature only checks out about 20% of the time, and I'm quite confused.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Rich Unger                | "The only 'intuitive' interface
[EMAIL PROTECTED]         |  is the nipple. After that, it's
http://ungerware.dhs.org/ |  all learned."
ICQ: 19120017             |    -- Bruce Ediger
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
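
The layouts discussed in the message above, as an added example (not part of the original post and not code from ssh2d): a Python parser for the contents of the "signature of H" string that recognizes the tagged mpint form and the bare r || s form, and goes one step further by also accepting the tag followed by a single 40-byte string, the layout RFC 4253 section 6.6 specifies. The function names and sample bytes are constructed for illustration.

```python
import struct

INT_LEN = 20  # ssh-dss r and s are 160-bit values
TAG = struct.pack(">I", 7) + b"ssh-dss"  # the SSH string "ssh-dss"

def read_string(buf, off):
    """Read an SSH string (uint32 length + bytes); return (value, next_offset)."""
    end = off + 4 + int.from_bytes(buf[off:off + 4], "big")
    if off + 4 > len(buf) or end > len(buf):
        raise ValueError("truncated SSH string")
    return buf[off + 4:end], end

def read_mpint(buf, off):
    """Read an SSH mpint; a set top bit means negative, invalid for r and s."""
    raw, off = read_string(buf, off)
    if raw and raw[0] & 0x80:
        raise ValueError("negative mpint")
    return int.from_bytes(raw, "big"), off

def split_rs(blob):
    """Split fixed-width r || s into unsigned integers; leading zeros are data."""
    if len(blob) != 2 * INT_LEN:
        raise ValueError("expected 40-byte r||s, got %d bytes" % len(blob))
    return int.from_bytes(blob[:INT_LEN], "big"), int.from_bytes(blob[INT_LEN:], "big")

def parse_dss_signature(field):
    """Return (layout, r, s) for the contents of the 'signature of H' string."""
    if not field.startswith(TAG):
        return ("bare",) + split_rs(field)  # byte[n] r || s, no tag
    first, off = read_string(field, len(TAG))
    if len(first) == 2 * INT_LEN and off == len(field):
        return ("tagged-blob",) + split_rs(first)  # tag + string(r || s)
    r, off = read_mpint(field, len(TAG))
    s, off = read_mpint(field, off)
    if off != len(field):
        raise ValueError("trailing bytes after s")
    return ("tagged-mpint", r, s)  # tag + mpint r + mpint s

# Constructed sample, not a real signature: r has a leading zero byte, s has its top bit set.
SAMPLE_BARE = b"\x00" + bytes(range(1, 20)) + b"\xff" * INT_LEN
SAMPLE_R, SAMPLE_S = split_rs(SAMPLE_BARE)

def mpint(n):  # minimal positive mpint: a zero byte is prepended when the top bit is set
    raw = n.to_bytes(n.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

SAMPLE_MPINT = TAG + mpint(SAMPLE_R) + mpint(SAMPLE_S)
SAMPLE_BLOB = TAG + struct.pack(">I", len(SAMPLE_BARE)) + SAMPLE_BARE
```

In the fixed-width form r and s always occupy 20 bytes each, while the mpint encodings of the same sample values are 19 and 21 bytes long, so the two encodings are not interchangeable when decoding.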
