RE: Feedback on draft-ssh-ext-info-00

Damien Miller <djm@mindrot.org> Thu, 03 December 2015 00:59 UTC

Date: Thu, 03 Dec 2015 10:54:26 +1100
From: Damien Miller <djm@mindrot.org>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
cc: Markus Friedl <mfriedl@gmail.com>, "ietf-ssh@netbsd.org" <ietf-ssh@netbsd.org>
Subject: RE: Feedback on draft-ssh-ext-info-00
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4B9722B@uxcn10-5.UoA.auckland.ac.nz>
Message-ID: <alpine.BSO.2.20.1512031049470.12629@natsu.mindrot.org>
References: <alpine.BSO.2.20.1512022156200.12629@natsu.mindrot.org>, <E61137AC-8E9A-45CE-A68F-422F5BE319DA@gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4B9722B@uxcn10-5.UoA.auckland.ac.nz>
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org

On Wed, 2 Dec 2015, Peter Gutmann wrote:

> Markus Friedl <mfriedl@gmail.com> writes:
> 
> >I'm in the process of implementing draft-rsa-dsa-sha2-256-03 and welcome a 
> >way for signaling SHA2 support to the client for userauth,
> 
> Doesn't the presence of "rsa-sha2-256" do this?  The client proposes it, and
> if the server supports it, they indicate via the algorithm string.  It's
> pretty much independent of draft-ssh-ext-info-00 (I know it specifies
> "server-sig-algs", but it seems that specifying "rsa-sha2-256" was already
> sufficient to indicate this).

The problem is that, for a client to test whether rsa-sha2-256 is supported,
it must make a publickey userauth request with an included signature. A
signature-free PK_OK-style request won't do, since the key blob just
contains ssh-rsa and not the signature algorithm.

Making a signature-ful request means unwrapping the private key and,
depending on the implementation, burning an authentication attempt
at the server.

Even then, the client only gets back a USERAUTH_FAILURE that doesn't
indicate whether the attempt was refused because of the key itself,
additional restrictions on the key, or because the signature algorithm
is not supported.

-d
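The two request shapes the message contrasts, encoded on the wire as an added example (this is not code from the message, from OpenSSH, or from the draft). It builds the SSH_MSG_USERAUTH_REQUEST "publickey" message of RFC 4252 section 7 in its signature-free (PK_OK query) form and in its signed form, then parses both the way a server would. The ssh-rsa key blob (RFC 4253 section 6.6) is identical in both requests and names only the key type, "ssh-rsa"; the signature algorithm name appears solely in the signature blob of the signed form. The RSA public values, the session id, the username and the signing routine are constructed placeholders: `placeholder_sign` hashes the to-be-signed data with SHA-256 in place of a real RSASSA-PKCS1-v1_5 signature made with the private key, which is exactly the step the message says a client must perform to find out whether the server accepts rsa-sha2-256.

```python
"""
Encode and decode SSH_MSG_USERAUTH_REQUEST "publickey" messages (RFC 4252 s.7).
Shows that the key blob carries only the key type ("ssh-rsa") while the
signature algorithm name lives in the signature blob (RFC 4253 s.6.6), so a
signature-free query carries nothing that names rsa-sha2-256.

Added example, not code from the original message, OpenSSH, or the draft.
The RSA values, session id and "signature" are constructed placeholders.
"""
import hashlib
import struct

SSH_MSG_USERAUTH_REQUEST = 50


def ssh_string(b: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint' for a non-negative integer (leading 0x00 if the high bit is set)."""
    if n == 0:
        return ssh_string(b"")
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return ssh_string(raw)


def read_string(buf: bytes, off: int):
    """Decode one RFC 4251 'string' at offset off; return (bytes, new_offset)."""
    (length,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    return buf[off:off + length], off + length


def rsa_key_blob(e: int, n: int) -> bytes:
    """RFC 4253 s.6.6 ssh-rsa public key blob: string "ssh-rsa", mpint e, mpint n."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def userauth_fields(user: str, service: str, alg: str, key_blob: bytes, has_sig: bool) -> bytes:
    """Common prefix of both request forms (RFC 4252 s.7)."""
    return (bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user.encode()) + ssh_string(service.encode())
            + ssh_string(b"publickey") + bytes([1 if has_sig else 0])
            + ssh_string(alg.encode()) + ssh_string(key_blob))


def build_query(user, service, alg, key_blob) -> bytes:
    """Signature-free request; the server answers SSH_MSG_USERAUTH_PK_OK or FAILURE."""
    return userauth_fields(user, service, alg, key_blob, has_sig=False)


def build_signed(session_id, user, service, alg, key_blob, sign) -> bytes:
    """Request with a signature over string(session_id) || request fields."""
    body = userauth_fields(user, service, alg, key_blob, has_sig=True)
    to_sign = ssh_string(session_id) + body
    sig_blob = ssh_string(alg.encode()) + ssh_string(sign(to_sign))
    return body + ssh_string(sig_blob)


def parse_request(msg: bytes) -> dict:
    """Return what a server sees; 'sig_alg' and 'sig' are None for a query."""
    assert msg[0] == SSH_MSG_USERAUTH_REQUEST
    off = 1
    user, off = read_string(msg, off)
    service, off = read_string(msg, off)
    method, off = read_string(msg, off)
    has_sig = msg[off] == 1
    off += 1
    alg, off = read_string(msg, off)
    key_blob, off = read_string(msg, off)
    key_type, _ = read_string(key_blob, 0)       # "ssh-rsa" regardless of signature algorithm
    body, sig_alg, sig = msg[:off], None, None
    if has_sig:
        sig_blob, off = read_string(msg, off)
        sig_alg_b, p = read_string(sig_blob, 0)  # "rsa-sha2-256" lives here, not in the key blob
        sig, _ = read_string(sig_blob, p)
        sig_alg = sig_alg_b.decode()
    return {"user": user.decode(), "method": method.decode(), "has_sig": has_sig,
            "alg": alg.decode(), "key_type": key_type.decode(),
            "sig_alg": sig_alg, "sig": sig, "body": body}


def placeholder_sign(data: bytes) -> bytes:
    """Stand-in for RSASSA-PKCS1-v1_5/SHA-256 with the private key (not a real signature)."""
    return hashlib.sha256(data).digest()


def check_placeholder_sig(session_id: bytes, parsed: dict) -> bool:
    """Server-side check: recompute over string(session_id) || body and compare."""
    return parsed["sig"] == placeholder_sign(ssh_string(session_id) + parsed["body"])


# Constructed sample values for illustration only (not a usable key).
KEY_BLOB = rsa_key_blob(65537, 0xC0FFEE1234567890ABCDEF)
SESSION_ID = bytes(range(32))


def demo():
    """Query names the key type; the signed request names rsa-sha2-256 in its signature."""
    query = build_query("alice", "ssh-connection", "ssh-rsa", KEY_BLOB)
    signed = build_signed(SESSION_ID, "alice", "ssh-connection", "rsa-sha2-256",
                          KEY_BLOB, placeholder_sign)
    return parse_request(query), parse_request(signed)


if __name__ == "__main__":
    q, s = demo()
    print("query :", {k: v for k, v in q.items() if k not in ("sig", "body")})
    print("signed:", {k: v for k, v in s.items() if k not in ("sig", "body")})
```

Running it prints the same key_type for both requests and a sig_alg only for the signed one, which is the asymmetry the message describes: producing the second form requires the private key and, on some servers, consumes an authentication attempt.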