https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16054
Bug ID: 16054
Summary: Add SSH decryption support
Product: Wireshark
Version: Git
Hardware: All
OS: All
Status: IN_PROGRESS
Severity: Enhancement
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: pe...@lekensteyn.nl
Target Milestone: ---
Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
It would be nice to see the contents of encrypted SSH packets such as commands
and their outputs.
See also:
https://wiki.wireshark.org/SSH
https://wiki.wireshark.org/OpenSourceSoftwareEngineeringFall2019
It would probably be best to use the Diffie-Hellman (DH) shared secret, and
derive the symmetric keys in Wireshark. That way, the key material provided
from the SSH application to Wireshark can remain quite small. Another advantage
is that the key log format can remain the same, independent of the selected
cipher.
This is worked on as part of CS5152 in Fall 2019.
--
You are receiving this mail because:
You are watching all bug changes.___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
