ECDSA and first connection; bug?
Damien Miller
djm at mindrot.org
Fri Jan 28 10:34:59 EST 2011
On Thu, 27 Jan 2011, Dan Kaminsky wrote:
> On Thu, Jan 27, 2011 at 3:20 PM, Damien Miller <djm at mindrot.org> wrote:
> > On Thu, 27 Jan 2011, Dan Kaminsky wrote:
> >
> >> Would this add a RTT? SSH is a little slow as is.
> >
> > No, it would just be an informational message sent from the server to the
> > client probably right after the first SSH_MSG_NEWKEYS.
>
> A message that said "BTW, here's my other host keys" would be
> excellent. Question: If we know the ECC key for something, should we
> no longer respect the RSA/DSA key? My understanding is the ECC key is
> stronger.
In OpenSSH 5.7, the preference order is:
#define KEX_DEFAULT_PK_ALG \
"ecdsa-sha2-nistp256-cert-v01@openssh.com," \
"ecdsa-sha2-nistp384-cert-v01@openssh.com," \
"ecdsa-sha2-nistp521-cert-v01@openssh.com," \
"ssh-rsa-cert-v01@openssh.com," \
"ssh-dss-cert-v01@openssh.com," \
"ssh-rsa-cert-v00@openssh.com," \
"ssh-dss-cert-v00@openssh.com," \
"ecdsa-sha2-nistp256," \
"ecdsa-sha2-nistp384," \
"ecdsa-sha2-nistp521," \
"ssh-rsa," \
"ssh-dss"
-d
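What that preference order means for a first connection, as an added example that is not part of the thread or of OpenSSH's own code: the RFC 4253 section 7.1 rule (the first client-preferred algorithm the server also supports wins) applied to the 5.7 list above, plus an assumed known_hosts-aware reordering that is an illustrative policy, not something the thread states OpenSSH does. The server's offered algorithms and the known_hosts contents are constructed.

```python
# Host key algorithm negotiation (RFC 4253 section 7.1): scan the client's
# preference list in order; the first name the server also supports is chosen.
# DEFAULT_PREFS is the OpenSSH 5.7 KEX_DEFAULT_PK_ALG list quoted in the thread.
DEFAULT_PREFS = (
    "ecdsa-sha2-nistp256-cert-v01@openssh.com,"
    "ecdsa-sha2-nistp384-cert-v01@openssh.com,"
    "ecdsa-sha2-nistp521-cert-v01@openssh.com,"
    "ssh-rsa-cert-v01@openssh.com,"
    "ssh-dss-cert-v01@openssh.com,"
    "ssh-rsa-cert-v00@openssh.com,"
    "ssh-dss-cert-v00@openssh.com,"
    "ecdsa-sha2-nistp256,"
    "ecdsa-sha2-nistp384,"
    "ecdsa-sha2-nistp521,"
    "ssh-rsa,"
    "ssh-dss"
).split(",")

# Constructed scenario: a server with both an ECDSA and an RSA host key.
SERVER_OFFERS = {"ecdsa-sha2-nistp256", "ssh-rsa"}


def negotiate_hostkey_alg(client_prefs, server_algs):
    """RFC 4253 7.1: first client-preferred algorithm the server supports."""
    for alg in client_prefs:
        if alg in server_algs:
            return alg
    raise ValueError("no common host key algorithm")


def key_type_of(alg):
    """Strip the @openssh.com certificate suffix to get the plain key type
    (e.g. 'ssh-rsa-cert-v01@openssh.com' -> 'ssh-rsa')."""
    return alg.split("@")[0].replace("-cert-v01", "").replace("-cert-v00", "")


def reorder_for_known_hosts(client_prefs, known_key_types):
    """Assumed mitigation (not OpenSSH's code): move algorithms whose key type
    is already in known_hosts to the front, keeping relative order otherwise."""
    known = [a for a in client_prefs if key_type_of(a) in known_key_types]
    unknown = [a for a in client_prefs if key_type_of(a) not in known_key_types]
    return known + unknown


def first_connection_outcome(client_prefs, server_algs, known_key_types):
    """Return (chosen algorithm, True if known_hosts can already verify it)."""
    chosen = negotiate_hostkey_alg(client_prefs, server_algs)
    return chosen, key_type_of(chosen) in known_key_types


if __name__ == "__main__":
    # Client has only the server's RSA key: default order picks ECDSA anyway,
    # so the user sees an unknown-host-key prompt despite knowing the RSA key.
    print(first_connection_outcome(DEFAULT_PREFS, SERVER_OFFERS, {"ssh-rsa"}))
    reordered = reorder_for_known_hosts(DEFAULT_PREFS, {"ssh-rsa"})
    print(first_connection_outcome(reordered, SERVER_OFFERS, {"ssh-rsa"}))
```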