Compatibility issue: OpenSSH v2.3.0p1 vs. 3.0.2: RSA keys

Gert Doering gert at greenie.muc.de
Wed Mar 6 22:11:16 EST 2002
Hi,

On Wed, Mar 06, 2002 at 11:58:40AM +0100, Ulrich Windl wrote:
> > > The problem seems to be that OpenSSH uses version numbers to decide 
> > > about features, while an explicit feature list would be the way to go.
> > > OpenSSH will never know all the implementations of the SSH protocol.
> > 
> > I can't follow you here.  The server states what protocols it can do, and
> > the client knows which one it prefers in case there are multiple options.
> 
> If the server can do v1 RSA keys, and the client can, but the server 
> cannot do v2 password, why is the "default" used, and not the 
> negotiated (i.e. v1 RSA key).

Protocol version is negotiated before authentication variants are
negotiated, and there is no way to query the server "which authentication
versions can you do for which protocol".  As such, RSA1 key is NOT "the
negotiated".

Doesn't strike me as too useful anyway - why would anyone permit password
for v1 and not for v2 or vice versa?

> I mean protocol version is one constant, but security policy is a 
> variable. If the server announces to accept RSA1 keys, and the client 
> can use it, why not?

Protocol first, authentication options *inside* that protocol.

[..]
> Almost: If the client would fall back to v1 if v2 failed to establish a 
> connection (no authentication method available), it would be fine. If a 
> good negotiation took place, the right protocol would be used 
> automatically.

The protocol doesn't permit this (and this is nothing the OpenSSH people
can affect; the IETF secsh people are the ones to change this).

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert.doering at physik.tu-muenchen.de
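The ordering Gert describes (protocol version chosen from the identification banner first, authentication methods discovered only afterwards, inside the chosen protocol, with no step that goes back and retries another version) can be seen in a small simulation. The following is an added illustration, not code from the thread or from OpenSSH; the server policy, the client's key material, the `SimServer` banner name and the `connect`/`choose_protocol`/`authenticate` helpers are all constructed for this example. The `1.99` banner convention for a server that speaks both protocol versions is the one from RFC 4253 section 5.1.

```python
import re

# Constructed sample server policy (not from the thread): protocol versions
# it speaks and the authentication methods enabled under each of them.
SERVER_POLICY = {
    "versions": {"1.5", "2.0"},
    "auth": {
        "1.5": {"rsa", "password"},   # SSH-1: RSA1 key or password
        "2.0": {"publickey"},         # SSH-2: keys only, password disabled
    },
}

# Constructed client: it holds an RSA1 key (usable only under v1) and a
# password; it has no SSH-2 key, so under v2 it can only try password.
CLIENT_AUTH = {"1.5": ["rsa"], "2.0": ["password"]}

# Identification string, e.g. "SSH-1.99-OpenSSH_3.0.2": version, then software.
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)")


def server_banner(policy):
    """Identification string sent before anything else. A server speaking
    both v1 and v2 advertises '1.99' (RFC 4253 s.5.1). The banner carries
    protocol versions only; authentication methods are not part of it."""
    v = policy["versions"]
    if {"1.5", "2.0"} <= v:
        return "SSH-1.99-SimServer"
    return "SSH-%s-SimServer" % ("2.0" if "2.0" in v else "1.5")


def choose_protocol(banner, client_prefs):
    """Client side: pick the first preferred version the banner allows.
    Nothing about authentication is known at this point."""
    m = BANNER_RE.match(banner)
    if not m:
        raise ValueError("malformed identification string: %r" % banner)
    server_ver = m.group(1)
    supported = {"1.5", "2.0"} if server_ver == "1.99" else {server_ver}
    for v in client_prefs:
        if v in supported:
            return v
    raise ValueError("no common protocol version")


def authenticate(policy, proto, client_auth):
    """Authentication phase, already inside the chosen protocol. The server
    only reveals methods for *that* protocol. Returns the method used, or
    None when nothing the client can offer is accepted."""
    offered = policy["auth"][proto]
    for method in client_auth[proto]:
        if method in offered:
            return method
    return None


def connect(policy, client_prefs, client_auth):
    """Full exchange: version selection first, then authentication. There is
    no step that retries with another protocol version after auth fails."""
    proto = choose_protocol(server_banner(policy), client_prefs)
    return proto, authenticate(policy, proto, client_auth)


if __name__ == "__main__":
    # Default client preference (v2 first): auth fails, no fallback to v1 RSA.
    print(connect(SERVER_POLICY, ["2.0", "1.5"], CLIENT_AUTH))   # ('2.0', None)
    # Only a client told to prefer v1 up front ever reaches the RSA1 key.
    print(connect(SERVER_POLICY, ["1.5", "2.0"], CLIENT_AUTH))   # ('1.5', 'rsa')
```

The second call is the only way the v1 RSA key gets used: the client has to commit to v1 from its own configuration before the banner exchange is answered, because by the time it learns that v2 offers nothing it can use, the protocol version is already fixed for that connection.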