[Ach] OpenSSH

Kurt Roeckx kurt at roeckx.be
Mon Dec 30 21:02:44 CET 2013


On Mon, Dec 30, 2013 at 08:12:55PM +0100, Aaron Zauner wrote:
> > The document says to check test with "-vvv" and observer the output.  It
> > would be good that it actually said what to look for.
> What would you suggest?

To be honest, I'm not even sure how to check it.  What I see with
my default config is:
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-rsa,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,ssh-dss-cert-v00 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
[...]
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5-etm at openssh.com
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
debug2: mac_setup: found hmac-md5-etm at openssh.com
debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
[...]
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received

The first debug2 are the KEX algorithms, the rest is actually
other algorithms including the encryption, but that's all send
in the "key exchange init" message.

This line:
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none

Shows: encryption=aes128-ctr, mac=hmac-md5-etm at openssh.com,
compression=none

But I have no idea which key exchange it's actually using.

Since it says "SSH2_MSG_KEX_ECDH_INIT", I assume the KEX is some
ECDH, but I have no idea which one and I'm just going to assume
it's ecdh-sha2-nistp256.

Wireshark tells me "Diffie Hellman Key Exchange init (30)", and
reply (31) with a P and G in it, which doesn't seem to be ECDH
to me.  I don't actually have an ECC keys, so a normal DH would
actually make sense to me, and the debug information actually
seems to be wrong.

Looking at RFCs, 30 would be the valid number for
SSH2_MSG_KEX_ECDH_INIT.

So I really have no idea which KEX was used.


Kurt




More information about the Ach mailing list