Name based SSH proxy

Kasper Dupont kasperd at
Wed May 27 22:11:27 AEST 2015

On 27/05/15 12.41, Dirk-Willem van Gulik wrote:
> One could argue that putting the host name as plain text in the initial unencrypted exchange is leaking something (ignoring the DNS aspect here). 
> As this a) reveals whom you are talking to and b) may be a good trigger/selector for something pen-register/trap/trace.
> However, a bit later in the exchange we get a somewhat fingerprintable list of supported ciphers (Key Exchange Init), flashed by the server in the clear. Followed a packet later by the Diffie-Hellman Group Exchange Group, which contains the DH modulus in the clear (from the list of some 200 precalculated safe primes in 'ssh/moduli', in groups of 40, that are identical but for the last 4 bytes or so).
> So I guess that makes not revealing some identifier as to whom you want to talk a bit of a moot point, as a few packets later it is revealed anyway.

Got it. And let's not forget that the host public key of the server
is also sent in the clear during the key exchange.

Kasper Dupont -- Real men write their own backup programs
#define _(_)"d.%.4s%."_"2s" /* This is my email address */

More information about the openssh-unix-dev mailing list
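As an added example (not part of the thread, and not OpenSSH code), the following Python decodes the two unencrypted server messages the discussion turns on: SSH_MSG_KEXINIT with its algorithm name-lists, and SSH_MSG_KEX_DH_GEX_GROUP with the modulus sent in the clear. Packet layouts follow RFC 4253 (binary packet protocol, KEXINIT) and RFC 4419 (group exchange). The sample packets, the algorithm lists, the cookie and the modulus value are all constructed here for the example; the MD5 over the server-side lists is a HASSH-style fingerprint chosen for illustration, not something the protocol or OpenSSH defines.

```python
"""Decode what an SSH server reveals in the clear before encryption starts.

Added example, not OpenSSH code. Layouts: RFC 4253 (framing, KEXINIT) and
RFC 4419 (KEX_DH_GEX_GROUP). All sample data below is constructed.
"""
import hashlib
import struct

SSH_MSG_KEXINIT = 20
SSH_MSG_KEX_DH_GEX_GROUP = 31

KEXINIT_FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_c2s", "encryption_s2c", "mac_c2s", "mac_s2c",
    "compression_c2s", "compression_s2c", "languages_c2s", "languages_s2c",
)

# ---- encoders, used only to build the constructed sample packets ----
def enc_name_list(names):
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data

def enc_mpint(n):
    # Two's-complement big-endian; the extra byte keeps a high-bit value positive.
    data = n.to_bytes((n.bit_length() + 8) // 8, "big")
    return struct.pack(">I", len(data)) + data

def binary_packet(payload, block=8):
    # RFC 4253 s6 framing. No MAC: before NEWKEYS nothing is protected at all.
    padlen = block - (len(payload) + 5) % block
    if padlen < 4:
        padlen += block
    body = bytes([padlen]) + payload + b"\x00" * padlen
    return struct.pack(">I", len(body)) + body

# ---- decoder ----
class Reader:
    def __init__(self, data):
        self.data, self.pos = data, 0
    def take(self, n):
        chunk = self.data[self.pos:self.pos + n]
        if len(chunk) != n:
            raise ValueError("truncated packet")
        self.pos += n
        return chunk
    def uint32(self):
        return struct.unpack(">I", self.take(4))[0]
    def string(self):
        return self.take(self.uint32())
    def name_list(self):
        return [n for n in self.string().decode("ascii").split(",") if n]
    def mpint(self):
        return int.from_bytes(self.string(), "big", signed=True)

def unwrap_packet(data):
    """Strip RFC 4253 framing (packet_length, padding_length, padding) and return the payload."""
    r = Reader(data)
    length = r.uint32()
    padlen = r.take(1)[0]
    return r.take(length - padlen - 1)

def parse_kexinit(payload):
    r = Reader(payload)
    if r.take(1)[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT")
    msg = {"cookie": r.take(16).hex()}
    for field in KEXINIT_FIELDS:
        msg[field] = r.name_list()
    msg["first_kex_packet_follows"] = bool(r.take(1)[0])
    r.uint32()  # reserved, always 0
    return msg

def parse_gex_group(payload):
    r = Reader(payload)
    if r.take(1)[0] != SSH_MSG_KEX_DH_GEX_GROUP:
        raise ValueError("not a KEX_DH_GEX_GROUP")
    return {"p": r.mpint(), "g": r.mpint()}

def hassh_server(kex):
    """MD5 over kex;enc;mac;comp (server-to-client lists), a HASSH-style fingerprint."""
    parts = (kex["kex_algorithms"], kex["encryption_s2c"], kex["mac_s2c"], kex["compression_s2c"])
    return hashlib.md5(";".join(",".join(p) for p in parts).encode()).hexdigest()

def cleartext_summary(kexinit_pkt, gex_pkt):
    """What a passive observer learns from these two unencrypted server packets."""
    kex = parse_kexinit(unwrap_packet(kexinit_pkt))
    grp = parse_gex_group(unwrap_packet(gex_pkt))
    p_bytes = grp["p"].to_bytes((grp["p"].bit_length() + 7) // 8, "big")
    return {
        "host_key_algorithms": kex["server_host_key_algorithms"],
        "hassh_server": hassh_server(kex),
        "dh_modulus_bits": grp["p"].bit_length(),
        "dh_modulus_tail": p_bytes[-4:].hex(),  # the bytes that distinguish moduli entries
    }

# ---- constructed samples (lists chosen to resemble an OpenSSH server, not captured) ----
SAMPLE_LISTS = {
    "kex_algorithms": ["curve25519-sha256@libssh.org", "diffie-hellman-group-exchange-sha256"],
    "server_host_key_algorithms": ["ssh-rsa", "ssh-ed25519"],
    "encryption_c2s": ["aes128-ctr", "chacha20-poly1305@openssh.com"],
    "encryption_s2c": ["aes128-ctr", "chacha20-poly1305@openssh.com"],
    "mac_c2s": ["hmac-sha2-256", "umac-64@openssh.com"],
    "mac_s2c": ["hmac-sha2-256", "umac-64@openssh.com"],
    "compression_c2s": ["none", "zlib@openssh.com"],
    "compression_s2c": ["none", "zlib@openssh.com"],
}
SAMPLE_KEXINIT = binary_packet(
    bytes([SSH_MSG_KEXINIT]) + bytes(range(16))
    + b"".join(enc_name_list(SAMPLE_LISTS.get(f, [])) for f in KEXINIT_FIELDS)
    + b"\x00" + struct.pack(">I", 0))
SAMPLE_P = (1 << 2047) | 0xDEADBEEF  # placeholder value, not a real safe prime
SAMPLE_GEX_GROUP = binary_packet(
    bytes([SSH_MSG_KEX_DH_GEX_GROUP]) + enc_mpint(SAMPLE_P) + enc_mpint(2))

if __name__ == "__main__":
    print(cleartext_summary(SAMPLE_KEXINIT, SAMPLE_GEX_GROUP))
```

Feeding real captures in is a matter of splitting the TCP stream on the packet_length field after the version-string exchange; everything up to NEWKEYS parses with the same framing, and the host key itself arrives in the clear in the server's KEXDH reply (message 33 for group exchange).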