Re: Fixing exchange of host keys in the SSH key exchange

["denis bider \(Bitvise\)" <ietf-ssh3@denisbider.com>]

This is currently the most comprehensive list of SSH implementations I’m familiar with:

http://ssh-comparison.quendi.de/

It’s done by Max Horn, who participated on this list as recently as in September, so he might be reading.

Come to think of it – Max’s SSH comparison might be an excellent way to figure out how many servers will reject text from the client before the SSH version string. I understand that this might be quite a bit of work. However, Bitvise would be willing to sponsor such an effort. 

Max? Are you there? :-)


From: Peter Gutmann 
Sent: Monday, March 27, 2017 17:57
To: denis bider (Bitvise) ; Mouse ; ietf-ssh@NetBSD.org 
Subject: Re: Fixing exchange of host keys in the SSH key exchange

denis bider (Bitvise) <ietf-ssh3@denisbider.com> writes:

>The obstacle seems to be getting people together. Those of us who’ve been
>around for 15 years may be on this mailing list. I’m not sure if this is true
>for authors of newer implementations, who might benefit from this information
>most.

We can't solve every possible problem with incompatibilities, but we can at
least get good coverage of a lot of them.  I think there are quite a few
oddball SSH implementations whose developers have never been on this list and
who we can't get to, but it can at least help those on the list.

Just thinking about this a bit more, we'd maybe need two things, a means of
discussing quirks of other implementations, and an (informal) registry of SSH
ID strings and who to contact if you find a problem with that ID, because
that's been another problem, "I've found a bug with X, who do I report it
to?".  Going through standard tech-support channels often doesn't work because
you're not a customer and there's no obvious way to get past the front-end
people to talk to a developer.

Peter.