[Ach] OpenSSH

Kurt Roeckx kurt at roeckx.be
Mon Dec 30 22:20:17 CET 2013


On Mon, Dec 30, 2013 at 07:23:56PM +0100, Kurt Roeckx wrote:
> Hi,
> 
> The document says to check test with "-vvv" and observer the output.  It
> would be good that it actually said what to look for.

So modifying my config sshd_config file, adding the suggested
Ciphers line only, restarting ssh, and looking at the difference
in output, I see the difference in announements, but the same
encryption is still used.

On the other hand if I put back my original sshd_config and
instead change my ssh_config, I get this instead:
debug1: kex: server->client aes256-gcm at openssh.com <implicit> none
debug1: kex: client->server aes256-gcm at openssh.com <implicit> none

This is really what I was expecting, that it's the client that
controls the selected cipher.

So then I tried adding all those things in my ssh_config as it was
suggested in the documentation and I get:
Unsupported KEX algorithm "curve25519-sha256 at libssh.org"
/etc/ssh/ssh_config line 58: Bad SSH2 KexAlgorithms 'curve25519-sha256 at libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1'.

(Tested with openssh 6.4p1)

Removing that one, I end up with this when connecting to a 6.0p1:
debug1: kex: server->client aes256-ctr hmac-sha2-512 none
debug2: mac_setup: found hmac-sha2-512
debug1: kex: client->server aes256-ctr hmac-sha2-512 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 511/1024
debug2: bits set: 2080/4096
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY


And connecting to a 5.5p1:
debug2: mac_setup: found hmac-ripemd160
debug1: kex: server->client aes256-ctr hmac-ripemd160 none
debug2: mac_setup: found hmac-ripemd160
debug1: kex: client->server aes256-ctr hmac-ripemd160 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 262/512
debug2: bits set: 2061/4096
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY


Anyway, I think it's more important that we get the clients to set
those values instead, but the server should probably also limit
the amount they allow.


Kurt




More information about the Ach mailing list