OpenSSH protocol 1.6 proposal

Markus Friedl markus.friedl at informatik.uni-erlangen.de
Mon Jan 3 01:12:08 EST 2000


On Sun, Jan 02, 2000 at 06:15:48AM -0500, David Rankin wrote:
> Speaking completely without facts, I am personally skeptical about
> enhancing the 1.x protocol when all of the standards processes are
> focused on getting 2.0 out the door. That said, I am willing to be
> convinced on the matter.

i have put the latest revisions of my SSH 1.6 patches to
	http://wwwcip.informatik.uni-erlangen.de/~msfriedl/openssh/

basically they consist of:
(1) CRC is replaced with hmac-sha1 + sequence-numbers. the bytes
    needed for the hmac-key are taken from the shared session-key
(2) authentication for parameters passed in the clear: the session-id
    is extended from
   session_id := MD5 (host_key_n |session_key_n|cookie);
to
   session_id := MD5 (host_key_n |session_key_n|
       supported_ciphers|supported_authentications|
       client_flags|server_flags|
       client_version_string|server_version_string|
       cookie);

and yes, having openssh speak SSH-2.0 would be nice.
mail me if you are interested in helping implement 2.0.

-markus





More information about the openssh-unix-dev mailing list