[Bug 148] New: Key Exchange Guesses not supported

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Mar 8 07:33:07 EST 2002


http://bugzilla.mindrot.org/show_bug.cgi?id=148

           Summary: Key Exchange Guesses not supported
           Product: Portable OpenSSH
           Version: 3.0p1
          Platform: All
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: Darren.Moffat at Sun.COM


This was discovered at Connectathon 2002 while testing against SSH.COM
with their compat flags disabled (they currently don't send guess to
any OpenSSH server since they know it isn't implemented).

draft-ietf-secsh-transport-13.txt

5. Key Exchange

   Key exchange begins by each side sending lists of supported
   algorithms.  Each side has a preferred algorithm in each category,
   and it is assumed that most implementations at any given time will
   use the same preferred algorithm.  Each side MAY guess which
   algorithm the other side is using, and MAY send an initial key
   exchange packet according to the algorithm if appropriate for the
   preferred method.

   Guess is considered wrong, if:
   o  the kex algorithm and/or the host key algorithm is guessed wrong
      (server and client have different preferred algorithm), or
   o  if any of the other algorithms cannot be agreed upon (the
      procedure is defined below in Section Section 5.1).

   Otherwise, the guess is considered to be right and the optimistically
   sent packet MUST be handled as the first key exchange packet.

The current code for kex in OpenSSH assumes that they only acceptable
packet is a NEWKEYS by using this code fragment:

        packet_read_expect(SSH2_MSG_NEWKEYS);

SSH2_MSG_KEXDH_INIT can arrive if the other side sends a guess.

I have a partial solution (only works if the client guess was our prefered),
solution for the server side but this needs client support as well.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-unix-dev mailing list