Re: [netconf] Paul Wouters' Discuss on draft-ietf-netconf-ssh-client-server-38: (with DISCUSS and COMMENT)
Paul Wouters <paul.wouters@aiven.io> Sat, 02 March 2024 18:38 UTC
Return-Path: <paul.wouters@aiven.io>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E556C14F6AF for <netconf@ietfa.amsl.com>; Sat, 2 Mar 2024 10:38:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=aiven.io
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ihPl8SxSchHp for <netconf@ietfa.amsl.com>; Sat, 2 Mar 2024 10:38:15 -0800 (PST)
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BEA59C14F69A for <netconf@ietf.org>; Sat, 2 Mar 2024 10:38:15 -0800 (PST)
Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-a43f922b2c5so384140666b.3 for <netconf@ietf.org>; Sat, 02 Mar 2024 10:38:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aiven.io; s=google; t=1709404694; x=1710009494; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=PcWNGX3oMEM2+5nw5qYlKjdW704JId+Zvur6MgbmkTk=; b=BYIDXTBOxdqFEJD6zN2c4guN85kgC3oa7xq9q+JzEhGQB/5Kjxw0hP+5GwPZHAdzAo 64o7dKFupEk5/U+xjS30Cf7edQAvASyMO8Ep+IAs5NeLEN3JTzjCre2+lSKFI61u8pHa 1TfmdqCIWKoZwehK4Y8b3Q/F9tc4YWkl3jvSQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709404694; x=1710009494; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=PcWNGX3oMEM2+5nw5qYlKjdW704JId+Zvur6MgbmkTk=; b=KVqG+mGIqYzJCzAyXQwAYVaRgEXiReWzPzDjrNRa1FP/+FYoOI1YN+t3cT3ZkTqVsM CnfbIuw6qjRTPzNgTtwmNrbunU0ak78plHZNH8E3W07n/efwtD0dEu/bp/yHoxyaz28M eXt6zUWfrGiKun1DcePKvjg/8ociuNezr1h2fVKweDYMbNZEQ566whs1AbQhq5SWH2nr yuSqGxUQJSzEUjOrdWVOB30tOc+QrScpVkG98Bqb6WrwHhNBbfQ5Kkra7aSB6joN/IQZ S6lrSlLBnq3QLxdmB9QaNs1eRXj1crR6QMZMJR0oLrqEEE6deIXbTNs/WPod4qqSsMYv RY1A==
X-Forwarded-Encrypted: i=1; AJvYcCW5k6Qg50CaPk92UkyB5T34QXFU2dyN+u84kskkX8Ztb/fQlfO2VrBiYEJLi4R36N1I/0Q6/hpQKUc81NOMOd35
X-Gm-Message-State: AOJu0YxRwMgPgAhWI8ICQG5DL+myG+D4aQzsw0kZZAWelrVQCGi0iRuQ vOBv5ZNKboV7M7KM9KmQxZPnIiylf/uCTfnWAs5D9Z3/7bksvPhJKA22xYCWPKF5ncsmfHkHRrB k8WGIZy4UHsgTBxOLDmYjU0oVpI71DgAxyhqL9A==
X-Google-Smtp-Source: AGHT+IFUMgqDBo4DV1ti9lkH6rl1JMT4j04IUpeMA8s7q0rvCLz2SHonhrRAOFGSdemdRc7/bY9HKEoMSFXeoYfYPP8=
X-Received: by 2002:a17:906:e099:b0:a44:2ba0:8200 with SMTP id gh25-20020a170906e09900b00a442ba08200mr3411647ejb.26.1709404693627; Sat, 02 Mar 2024 10:38:13 -0800 (PST)
MIME-Version: 1.0
References: <170915108720.25797.11710201625758724143@ietfa.amsl.com> <0100018dfc51682b-6ce95f8b-3682-4582-b3f7-b107f08fbd38-000000@email.amazonses.com>
In-Reply-To: <0100018dfc51682b-6ce95f8b-3682-4582-b3f7-b107f08fbd38-000000@email.amazonses.com>
From: Paul Wouters <paul.wouters@aiven.io>
Date: Sat, 02 Mar 2024 13:38:02 -0500
Message-ID: <CAGL5yWax8pfsjrcQkoRn5n9NAda6NWcHYbnTMnpFUnNJFprf6w@mail.gmail.com>
To: Kent Watsen <kent+ietf@watsen.net>
Cc: The IESG <iesg@ietf.org>, draft-ietf-netconf-ssh-client-server@ietf.org, "netconf-chairs@ietf.org" <netconf-chairs@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>, "Per Andersson (perander)" <perander@cisco.com>, Mahesh Jethanandani <mjethanandani@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000008ae0150612b1cbb0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/j1K0yKhTRgqMqyFkcrGugUgLCxM>
Subject: Re: [netconf] Paul Wouters' Discuss on draft-ietf-netconf-ssh-client-server-38: (with DISCUSS and COMMENT)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Mar 2024 18:38:20 -0000
On Fri, Mar 1, 2024 at 6:20 PM Kent Watsen <kent+ietf@watsen.net> wrote: > > For your four question marks: > > 1) "The ssh client allows to set the source IP. Should that not be exposed > here to support picking the right source IP on multihomed nodes?” > > Yes, TCP-level source address/port can be configured, assuming a > higher-level “stack” includes the "ietf-tcp-client" grouping. Here’s an > example [1] of the "tcp-client-grouping" configuring both a local address > and a local port. With regards to "multihomed nodes”, or VRFs in > general, there was a decision a long time back to have those configurations > be augmented into the YANG data model. > > [1] > https://datatracker.ietf.org/doc/html/draft-ietf-netconf-tcp-client-server-22#section-3.2 > > To be constructive, I have added the following to the Introduction > section, in both this draft and also the tls-client-server draft: > > The groupings defined in this document are expected to be used in > conjuction with the groupings defined in <xref > target="I-D.ietf-netconf-tcp-client-server"/>. > For instance, to configure the remote address/port and local address/port. > > Hopefully this clears your DISCUSS on this point. > It does, thanks for the extra work! > > 2) "Similarly, this does not seem to support ports != 22 ?” > > This document cannot, in its current form, specify any default port > values. Fixing this would entail defining a new grouping called, e.g., > “ssh-client-stack-grouping” grouping, much like exemplified in the netconf-client-server > draft here: > https://datatracker.ietf.org/doc/html/draft-ietf-netconf-netconf-client-server#section-3.2. > One can see that the "tcp-server-parameters” are independent of the > "ssh-server-parameters”. Makes sense? > > Hopefully this clears your DISCUSS on this point. > Yes. > 3) "And seeing people are starting to experiment with ssh over QUIC or > HTTP/3, perhaps a protocol should be added as well?” > > Support for SSH over QUIC can be added by a future-work augment statement > into this YANG structure. Does the document need to say this explicitly? > > Hopefully this clears your DISCUSS on this point. > Yes. > > 4) “Is compression an option that should be exposed here?” > > The “03 - 04” change log entry says: > > Removed the compression algorithms as they are not > commonly configurable in vendors' implementations. > > The expectation is that higher-level modules will augment-in these details > if needed. > > FWIW, the modules presented in this document are somewhat barebones, as > far as configurable options go. The focus is primarily on the crypto > parts, letting application-layer YANG modules add (via YANG “augment” > statements) what extra nodes needed. Makes sense? > > Hopefully this clears your DISCUSS on this point. > Yes. > 2) server options > > I think the idle timeout might be a useful server option to expose here? It > seems the best place for it instead of placing it in another ssh server > module > to include ? > > > Already there are “max-wait” and “max-attempts” nodes in the > “ssh-client-grouping” here > https://datatracker.ietf.org/doc/html/draft-ietf-netconf-ssh-client-server-38#section-3.1.2.1. > The “description” statement says: > > "An unresponsive SSH server is dropped after approximately max-wait * > max-attempts seconds." > > Doesn't this cover the concept of an “idle timeout” as well? Idle timeout > is the same as the drop time? > No. The server timeout is for when a client's TCP conection is still working and/or doing keepalives, but the application level user is doing nothing. eg of the "ssh user" is idle, not just the "tcp session". I thought if at this level you would have the ssh keepalives for the client's behind NAT, this might also be the level for the server to kick out idle clients. Consider it a non-blocking comment though on whether you think it should be added or not. > 3) algorithms, names and IANA entries > > 2.2. Example Usage > > This uses older ctr/cbc algorrithms, why not use more modern examples? > I'd recommend removing the cbc examples and including the well known AEAD > ones instead? (see also the catch below) > > > I have remove all of the “cbs” examples. > I have added two AEAD examples. > Thanks Note openssh uses names like chacha20-poly1305@openssh.com, aes128-gcm@openssh.com,aes256-gcm@openssh.com while the IANA registry uses names like AEAD_AES_128_GCM and AEAD_AES_256_GCM. How does this relates to names in the document, which uses "aead-aes-256-gcm" which is not an IANA value, but presumably points to AEAD_AES_256_GCM and aes256-gcm@openssh.com ? I think some guidance or explanation about the valid value names here compared to IANA and OpenSSH would be useful. I believe the "@" ones are non-IETF namespaces I made a mistake - the "aead-aes-256-gcm” entry has been removed. Concerningly, the YANG validator didn’t catch that it was an unknown value…grrr :) I would also include at least one "@" encryption name to ensure people know those are valid syntax as well. I do not know if AEAD_AES_256_GCM is the same as aes256-gcm@openssh.com I’m confused, where are these ‘@‘ variations defined? They are not defined in the Encryption Algorithm Name registry here: https://www.iana.org/assignments/ssh-parameters/ssh-parameters-17.csv So I believe the SSH protocol uses "namespaces" for some algorithms. If there is no "@" symbol it means the IETF / IANA namespace. But OpenSSH has its own namespace with its own entries. That's why I thought it might be useful to add these to ensure people are aware that this is valid syntax as well. What should the <mac> field list for AEAD algorithms? Just be empty? Or a special "none" value? Or should the field be entirely omitted? Is there guidance needed here? (Sorry I am not a yang doctor) I’m a retired YANG Doctor ;) Nowhere in the current suite of client-server drafts is there a configuration for Mac addresses. If such configuration were to exist anywhere, it might be in the tcp-client-server draft, or maybe some new “ip-client-server” draft. In any case, it is unclear how this is important... The "mac" is belongs to the algorithms and is not related to "mac addresses". Eg AES-CBC-SHA2, the "SHA2" part is the integrity aka mac. For AEAD algorithms such as AES-GCM and CHACHA-POLY, the integrity/mac part is integral to the encryption algorithm, so it has no separate "mac". So my question was, when using an AEAD, what is expected for the <mac> field? Should it be empty? Should it be absent? Should it contain a value "none"? So I was wondering if guidance should be given here about what is valid/allowed and what is not. The value diffie-hellman-group-exchange-sha256 is a valid IANA registry name but points to a MAY entry. I would pick a MUST or SHOULD entry for examples, in this case diffie-hellman-group14-sha256. Similar, the example gss-group1-sha1-curve25519-sha256 is actually a SHOULD NOT implement entry. Similar the mac " really has an IANA entry of AEAD_AES_256_GCM. I removed the "diffie-hellman-group-exchange-sha256” and "gss-group1-sha1-curve25519-sha25”, and "aead-aes-256-gcm” entries. > > I added a AEAD_AES_256_GCM entry. > Thanks. > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > C1) hashed-password ? > > The example "$0$secret" uses the most unsafe option as example. "secret" > is not a hash. It is cleartext based on RFC 7317 "crypt-hash". Maybe give > an example with an actual hashed password as well? Maybe change "secret" > to "cleartext-password" ? > > > RFC 7317 says: > > The '$0$' prefix signals that the value is clear text. When > such a value is received by the server, a hash value is > calculated, and the string '$<id>$<salt>$' or > $<id>$<parameter>$<salt>$ is prepended to the result. This > value is stored in the configuration data store. > > So the example is correctly showing a valid input document. > It is but the text "secret" is not a TYPE but a VALUE. Eg you are using a secret of "secret". I wasn't sure if that was very clear. That also does not make it entirely clear of the secret is cleartext or some other format (without reading 7317). If you used "ExampleSecret", that would be more clear. > > I cannot rename to the node to “cleartext-password” as 1) that name > is being used already, for real cleartext passwords, and 2) the > “hashed-password” field is defined as being polymorphic, i.e., > having an expected implicit change if the $0$ prefix is received. > I was not talking about the node name as far as I know ? > > I hope you see now that this example is valid. > > > Since RFC 7317 only defines crypt-hash 0,1,5 and 6 there is some > ambiguity here for hashed passwords based on other algorithms. My > crypt(5) man page also supports script, yescript, bcrypt, NT. But not > argon. But I guess this is an issue for RFC 7317, and not this document. > > > Yes, that should be captured in a document update to RFC 7317. > I'll wait with updating my ballot until we understood each other regarding the "@" namespace and <mac> topics. Paul Paul
- [netconf] Paul Wouters' Discuss on draft-ietf-net… Paul Wouters via Datatracker
- Re: [netconf] Paul Wouters' Discuss on draft-ietf… Kent Watsen
- Re: [netconf] Paul Wouters' Discuss on draft-ietf… Paul Wouters
- Re: [netconf] Paul Wouters' Discuss on draft-ietf… Kent Watsen
- Re: [netconf] Paul Wouters' Discuss on draft-ietf… Paul Wouters
- Re: [netconf] Paul Wouters' Discuss on draft-ietf… Kent Watsen
- Re: [netconf] Paul Wouters' Discuss on draft-ietf… Paul Wouters