OpenSSH protocol 1.6 proposal
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Mon Jan 3 01:12:08 EST 2000
On Sun, Jan 02, 2000 at 06:15:48AM -0500, David Rankin wrote:
> Speaking completely without facts, I am personally skeptical about
> enhancing the 1.x protocol when all of the standards processes are
> focused on getting 2.0 out the door. That said, I am willing to be
> convinced on the matter.
i have put the latest revisions of my SSH 1.6 patches to
http://wwwcip.informatik.uni-erlangen.de/~msfriedl/openssh/
basically they consist of:
(1) CRC is replaced with hmac-sha1 + sequence-numbers. the bytes
needed for the hmac-key are taken from the shared session-key
(2) authentication for parameters passed in the clear: the session-id
is extended from
session_id := MD5 (host_key_n |session_key_n|cookie);
to
session_id := MD5 (host_key_n |session_key_n|
supported_ciphers|supported_authentications|
client_flags|server_flags|
client_version_string|server_version_string|
cookie);
and yes, having openssh speak SSH-2.0 would be nice.
mail me if you are interested in helping implement 2.0.
-markus
More information about the openssh-unix-dev
mailing list