proposal: x/crypto/ssh: add a way to see pubkey signature algorithm

[imirkin]

Proposal Details

There was functionality recently introduced in golang/crypto@e944286 to expose negotiated algorithms. This includes the hostkey algo, but not for any pubkeys used to authenticate.

There is currently no way to detect which algo is used for e.g. rsa pubkeys, most interesting being ssh-rsa vs rsa-sha2-*.

One option is to provide it in the ConnMetadata given to the PublicKeyCallback with a similar cast as used for NegotiatedAlgorithms from the above change.

[seankhliao]

cc @drakkan

[drakkan]

@imirkin please take a look at this proposal. There is also a linked CL that I need to test more thoroughly. Would you like to help out?

[imirkin]

Ah yeah, that proposal definitely covers the functionality I proposed. I had seen it, but misunderstood what it was about. (In hindsight it was pretty clear.)

I'm happy to test stuff, but my usage is extremely vanilla.

Also, neither what I wrote above nor your proposal from what I can see addresses the ability to see what ends up being used from the client-side.

Basically the over-arching use-case is I want to remove usage of ssh-rsa signatures, but I also don't want to break stuff, so as a first step, I want to see who's using it. I have both incoming and outgoing ssh connections. I expect that I'm not alone in this type of position.

[drakkan]

@imirkin on the client side you can define a wrapper like this:

type signerWrapper struct {
	ssh.AlgorithmSigner
}

func (s signerWrapper) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*ssh.Signature, error) {
	fmt.Printf("algorithm %q\n", algorithm)
	return s.AlgorithmSigner.SignWithAlgorithm(rand, data, algorithm)
}

and then use this it to log the used algorithm:

k, err := ssh.ParsePrivateKey(testkey)
if err != nil {
	panic(err)
}
auth := ssh.PublicKeys(signerWrapper{k.(ssh.AlgorithmSigner)})

[imirkin]

Ah, clever. Thanks!