IETF Logo Mail Archive

Re: [Pqc] Mapping the state of PQC and IETF - ssh

Thom Wiggers <thom@thomwiggers.nl> Fri, 10 March 2023 15:16 UTC

Return-Path: <thom@thomwiggers.nl>
X-Original-To: pqc@ietfa.amsl.com
Delivered-To: pqc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BC86C1907A6 for <pqc@ietfa.amsl.com>; Fri, 10 Mar 2023 07:16:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thomwiggers.nl
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2AfctZFbVWxK for <pqc@ietfa.amsl.com>; Fri, 10 Mar 2023 07:16:49 -0800 (PST)
Received: from mail-yb1-xb34.google.com (mail-yb1-xb34.google.com [IPv6:2607:f8b0:4864:20::b34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 807F5C151541 for <pqc@ietf.org>; Fri, 10 Mar 2023 07:16:49 -0800 (PST)
Received: by mail-yb1-xb34.google.com with SMTP id t4so5605704ybg.11 for <pqc@ietf.org>; Fri, 10 Mar 2023 07:16:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thomwiggers.nl; s=google; t=1678461408; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=6qZL10CB7Zxy+kuuDGHvaD8PYzFNSqDlTat7KhooOIQ=; b=N+xlVQnFKZclw/S4ck0Odv15IcM3ud1xzVltO+YMVTnP9OyERlTfZ8ohrMCP+HEmNz 9GzI1TA7ptjgqhUJUpCXKViLgvQoOGn31AFIXuYm7dCLY7OMinLi+kwX866PlkQh2Uqg soD8ONp/KvdgtQ/3AZp9GeqF31irc0BkPCUIo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678461408; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6qZL10CB7Zxy+kuuDGHvaD8PYzFNSqDlTat7KhooOIQ=; b=Zg+8xdGj7IWo4SnKa5qw83U9jHTaAd+JsJaoizpFhQzdawTByKmvt7XJRTvzVAK/EI kZlerUy+naeukXEmXd5PNEO0OPZkeXqJOYXKeXVbOMn1t+IslwCgaVLjkoTruisX+ZD4 uopHKt1tItBK8CTSXrnpHcgXuOLD6Ux/rPzEyGiIJfagIfe+f9B7Qdt79Qjh+7uabnwm FR3YMCIjuC+sXE6vnfhtsO5L1TetEYpdJmvTGpkuOUUM6IlMyGFGRJx45X69YVIv6vAD pst51FHsAIXVqjCbX3fdfcbO1xPinAcy56d1c7UjKHpueU4GQG3ZXYMTh2EV9UTeOi54 0zjw==
X-Gm-Message-State: AO0yUKXOZjJgwkxhlWhYs/jrcl2C9K/CJz/wDnQwA6PWHAApxwkK8fWo 6WktN1Dx/VCbX+2QEkO4tMfP2N/joaiV6Cqdosbx/2aE0Mfa9uxapzvN8w==
X-Google-Smtp-Source: AK7set8Qj7UPCozkEytswooqQmT6l0exGryWS0Bi/aXJpJ/khJroU0Y0Z9fGTtf6WdeZBH6KvwrsZ/JqQl8Y5IzZbMg=
X-Received: by 2002:a25:e911:0:b0:af7:1b45:1240 with SMTP id n17-20020a25e911000000b00af71b451240mr8335998ybd.11.1678461408410; Fri, 10 Mar 2023 07:16:48 -0800 (PST)
MIME-Version: 1.0
References: <20230303112532.1126239.qmail@cr.yp.to> <b086d1fb-c8a6-80df-320e-cd92e7ec2602@gmail.com> <CABzBS7k2FSWxu--eNVe8-ptPPcJ+qRVosmE2TmsjSXi_v8czBg@mail.gmail.com> <80fec8fc-2a8a-3a1d-d29f-30120b4ea6ca@gmail.com>
In-Reply-To: <80fec8fc-2a8a-3a1d-d29f-30120b4ea6ca@gmail.com>
From: Thom Wiggers <thom@thomwiggers.nl>
Date: Fri, 10 Mar 2023 16:16:32 +0100
Message-ID: <CABzBS7kLbyBLzY2ftPSkxkZHn8dcrKekdDEu+2u3DzWnDG=SWw@mail.gmail.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Cc: pqc@ietf.org
Content-Type: multipart/alternative; boundary="00000000000004956305f68d4039"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pqc/YFOLMn4BVrMo7LX1ZC6dLX17jKU>
Subject: Re: [Pqc] Mapping the state of PQC and IETF - ssh
X-BeenThere: pqc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Post Quantum Cryptography discussion list <pqc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pqc>, <mailto:pqc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pqc/>
List-Post: <mailto:pqc@ietf.org>
List-Help: <mailto:pqc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pqc>, <mailto:pqc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Mar 2023 15:16:53 -0000

Hi Alexandre

Op vr 10 mrt 2023 om 15:19 schreef Alexandre Petrescu <
alexandre.petrescu@gmail.com>:

> Let me ask this: when I call 'ssh' in command line without any other
> argument than the destination host address - is NTRUPrime being used?
> Or do I have to type in some additional option like -qr or -ntruprime or
> similar?
>

If you have SSH 8.9 or above AND the remote server supports NTRU Prime,
that should be used by default, yes, unless you have something else
configured. If you want to force it, you can do:

ssh -o KexAlgorithms=sntrup761x25519-sha512@openssh.com <user>@<hostname>

If the remote server does not support it, SSH will tell you.

Cheers,

Thom


> Alex
>
> >
> > Cheers,
> >
> > Thom
> >
> > Alex
> >
> > -- Pqc mailing list Pqc@ietf.org <mailto:Pqc@ietf.org>
> > https://www.ietf.org/mailman/listinfo/pqc
> > <https://www.ietf.org/mailman/listinfo/pqc>
> >
>

v2.23.0 | Report a Bug | By Email