Re: SSH key algorithm updates

denis bider <ietf-ssh3@denisbider.com> Sat, 07 November 2015 09:31 UTC

Date: Fri, 06 Nov 2015 17:59:00 +0000
Subject: Re: SSH key algorithm updates
From: denis bider <ietf-ssh3@denisbider.com>
To: Max Horn <postbox@quendi.de>
Cc: ietf-ssh@NetBSD.org

> Also, of course there are implementations missing (one notable
> is Bitvise's; I started work on that, but had a hard time finding
> a reliable source for what they actually support and what not).

If you can run a Windows executable, you can simply download our stuff from our website:

https://www.bitvise.com/

Both the client and the server are free for use that is both personal and non-commercial. The client goes further than that, and is also free for individual use in organizations.

The following is what a default SSH Server installation (latest version 6.43) supports and enables at the moment. All algorithms listed are supported. Only the "true" ones are enabled by default:

> q algs.*
With kex {
  ecdhSecp256k1 true
  ecdhNistp256 true
  ecdhNistp384 true
  ecdhNistp521 true
  dhGexSha256 true
  dhGexSha1 true
  dhG1Sha1 false
  dhG14Sha1 true
  gssG1Sha1Krb5 false
  gssG14Sha1Krb5 true
  gssGexSha1Krb5 true
}
With encr {
  aes256-ctr true
  aes192-ctr true
  aes128-ctr true
  3des-ctr true
  aes256-cbc false
  aes192-cbc false
  aes128-cbc false
  3des-cbc false
  none false
}
With mac {
  hmac-sha2-256 true
  hmac-sha1 true
  hmac-md5 false
  hmac-sha2-256-96 false
  hmac-sha1-96 false
  hmac-md5-96 false
  none false
}
With cmpr {
  zlib true
  none true
  delayCompression false
}

Supported host key algorithms are:

ssh-rsa
ssh-dss
ecdsa-sha2 over secp256k1
ecdsa-sha2 over nistp256
ecdsa-sha2 over nistp384
ecdsa-sha2 over nistp521

Algorithms supported by our client mirror those in the server.

denis


----- Original Message -----
From: Max Horn 
Sent: Friday, November 6, 2015 03:08
To: ietf-ssh@NetBSD.org 
Cc: Mark D. Baushke 
Subject: Re: SSH key algorithm updates

Hi there,

just joined the list, but saw on the list archive that a few days ago,
Mark D. Baushke wrote on this thread:

> It would be useful to see what other protocols various SSH implementers
> have been adding and see if there is a desire to move any of them into a
> recommended or optional standard.

As a matter of fact, I started such a page some time ago:

  http://ssh-comparison.quendi.de/
  http://ssh-comparison.quendi.de/comparison.html

I tried my best to make it accurate, but of course cannot exclude mistakes.
Also, of course there are implementations missing (one notable is Bitvise's;
I started work on that, but had a hard time finding a reliable source for
what they actually support and what not).

Anyway, issue reports and pull requests (also with info on additional
implementations) are most welcome:

  https://github.com/fingolfin/ssh-comparison

The comparison page shows for example that hmac-sha2-256 and hmac-sha2-512
support is quite good now; one notable SSH library not implementing it yet
in a released version is libssh2, but they will have it in the next release
(the code is in their repository already), which in turn should allow
various clients based on it to support it. Another exception is lsh.


Cheers,
max
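
The settings listing quoted in the message above can be turned into data for a comparison table or a configuration-drift check. The following is an added example, not part of the original thread and not Bitvise code: it parses the "With <category> { name true|false }" layout and reports algorithms that are enabled in an observed dump but not in the defaults shown above. The function names and the modified dump are assumptions made for illustration.

```python
# Excerpt (encr and mac blocks) of the default listing quoted in the message above.
DEFAULT_DUMP = """\
With encr {
  aes256-ctr true
  aes192-ctr true
  aes128-ctr true
  3des-ctr true
  aes256-cbc false
  aes192-cbc false
  aes128-cbc false
  3des-cbc false
  none false
}
With mac {
  hmac-sha2-256 true
  hmac-sha1 true
  hmac-md5 false
  hmac-sha2-256-96 false
  hmac-sha1-96 false
  hmac-md5-96 false
  none false
}
"""

def parse_algs(dump):
    """Return {category: {algorithm: enabled}}; lines outside a block are ignored."""
    cats, current = {}, None
    for raw in dump.splitlines():
        line = raw.strip()
        if line.startswith("With ") and line.endswith("{"):
            current = cats.setdefault(line.split()[1], {})
        elif line == "}":
            current = None
        elif line and current is not None:
            name, flag = line.rsplit(None, 1)
            if flag not in ("true", "false"):
                raise ValueError(f"unexpected value in line: {raw!r}")
            current[name] = flag == "true"
    return cats

def newly_enabled(baseline, observed):
    """List (category, algorithm) pairs enabled in observed but not in baseline."""
    return sorted((c, a) for c, algs in observed.items()
                  for a, on in algs.items() if on and not baseline.get(c, {}).get(a, False))

# Constructed sample: the default dump with one CBC cipher switched on.
OBSERVED_DUMP = DEFAULT_DUMP.replace("aes128-cbc false", "aes128-cbc true")
```

Running `newly_enabled(parse_algs(DEFAULT_DUMP), parse_algs(OBSERVED_DUMP))` on a dump taken from a deployed server shows which algorithms an administrator has turned on beyond the shipped defaults.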