disable sha1-based key exchanges #64
Following the very interesting post https://stribika.github.io/2015/01/04/secure-secure-shell.html by @stribika I think it would make sense to at least offer an option to disable sha1-based key exchanges on systems that support better ones.
What do you think?
Having a strong hash there is what prevents downgrade attacks. The KDF at the end of the key exchange doesn't only take s as input, but also the supported list of algorithms and the basically arbitrary banners. That overview I included is... let's call it simplified.
If you try to downgrade, Alice will end up calculating
Unless we are using a sufficiently broken hash. In that case, banner_nsa can be used to synchronize k again.
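To make the point above concrete, here is an added example (not code from the issue or from the project) that builds SSH_MSG_KEXINIT payloads and computes the exchange hash H = HASH(V_C || V_S || I_C || I_S || K_S || e || f || K) as RFC 4253 section 8 defines it, then simulates a man-in-the-middle who strips the SHA-256 key exchange from both sides' algorithm lists in transit. The client banners, host key blob and DH group are constructed for the example (the group is a toy Mersenne prime, not a real SSH group); everything else follows the RFC encodings.

```python
"""Added example: SSH exchange hash H binds the whole handshake transcript,
so rewriting the algorithm lists in transit makes the two ends compute
different H values even when the attacker succeeds in forcing SHA-1."""
import hashlib
import secrets


def ssh_string(b: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length followed by the bytes."""
    return len(b).to_bytes(4, "big") + b


def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint' for n >= 0: two's complement, so a leading zero byte
    is added when the most significant bit would otherwise be set."""
    if n == 0:
        return ssh_string(b"")
    return ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def name_list(names) -> bytes:
    """RFC 4251 'name-list': comma-separated ASCII names as an ssh string."""
    return ssh_string(",".join(names).encode("ascii"))


def kexinit(cookie: bytes, kex, hostkey=("ssh-ed25519",), cipher=("aes128-ctr",),
            mac=("hmac-sha2-256",), comp=("none",)) -> bytes:
    """SSH_MSG_KEXINIT payload (RFC 4253 section 7.1): byte 20, 16-byte cookie,
    ten name-lists, boolean first_kex_packet_follows, reserved uint32 0."""
    assert len(cookie) == 16
    body = bytes([20]) + cookie
    for lst in (kex, hostkey, cipher, cipher, mac, mac, comp, comp, (), ()):
        body += name_list(lst)
    return body + b"\x00" + b"\x00\x00\x00\x00"


def negotiate(client_list, server_list) -> str:
    """RFC 4253 section 7.1: first client algorithm the server also supports."""
    for name in client_list:
        if name in server_list:
            return name
    raise ValueError("no common kex algorithm")


def hash_for(kex_name: str):
    """The hash is part of the kex method name (e.g. ...-sha1, ...-sha256)."""
    return hashlib.sha1 if kex_name.endswith("sha1") else hashlib.sha256


def exchange_hash(kex_name, V_C, V_S, I_C, I_S, K_S, e, f, K) -> bytes:
    """H = HASH(V_C || V_S || I_C || I_S || K_S || e || f || K), RFC 4253 section 8.
    The server signs H with its host key and both sides derive session keys from
    K and H, so any disagreement on H aborts the connection."""
    h = hash_for(kex_name)()
    for part in (ssh_string(V_C), ssh_string(V_S), ssh_string(I_C), ssh_string(I_S),
                 ssh_string(K_S), ssh_mpint(e), ssh_mpint(f), ssh_mpint(K)):
        h.update(part)
    return h.digest()


# Toy DH group constructed for this example only; real clients use RFC 3526 groups.
P = (1 << 127) - 1
G = 2

STRONG = ("diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1")
WEAK_ONLY = ("diffie-hellman-group14-sha1",)


def run_exchange(mitm: bool, rng=secrets) -> dict:
    """Simulate one handshake. With mitm=True an attacker rewrites both KEXINITs
    in transit to offer only the SHA-1 kex and relays e and f unchanged (without
    breaking DH it cannot change K). Returns what each side computed."""
    V_C, V_S = b"SSH-2.0-exampleclient", b"SSH-2.0-exampleserver"   # constructed banners
    K_S = ssh_string(b"ssh-ed25519") + ssh_string(b"\x11" * 32)      # constructed host key blob

    client_cookie, server_cookie = rng.token_bytes(16), rng.token_bytes(16)
    I_C = kexinit(client_cookie, STRONG)          # what the client actually sent
    I_S = kexinit(server_cookie, STRONG)          # what the server actually sent
    server_sees, client_sees = (WEAK_ONLY, WEAK_ONLY) if mitm else (STRONG, STRONG)
    I_C_at_server = kexinit(client_cookie, server_sees)   # possibly rewritten copy
    I_S_at_client = kexinit(server_cookie, client_sees)

    kex_c = negotiate(STRONG, client_sees)        # client negotiates from what it saw
    kex_s = negotiate(server_sees, STRONG)        # server negotiates from what it saw

    x = rng.randbelow(P - 2) + 1
    y = rng.randbelow(P - 2) + 1
    e, f = pow(G, x, P), pow(G, y, P)
    K_client, K_server = pow(f, x, P), pow(e, y, P)   # identical: DH itself is untouched

    H_client = exchange_hash(kex_c, V_C, V_S, I_C, I_S_at_client, K_S, e, f, K_client)
    H_server = exchange_hash(kex_s, V_C, V_S, I_C_at_server, I_S, K_S, e, f, K_server)
    return {"client_kex": kex_c, "server_kex": kex_s,
            "H_client": H_client, "H_server": H_server,
            "transcripts_agree": H_client == H_server}


if __name__ == "__main__":
    for mitm in (False, True):
        r = run_exchange(mitm)
        print(f"mitm={mitm}: client={r['client_kex']} server={r['server_kex']} "
              f"H agree={r['transcripts_agree']}")
```

Without the attacker both sides pick the SHA-256 method and H matches. With the attacker both sides do end up on the SHA-1 method, but the client hashes its original I_C together with the rewritten I_S, while the server hashes the rewritten I_C with its original I_S, so the two H values differ, the server's signature over its H fails to verify at the client, and the derived session keys would not match either. Turning that into a working downgrade requires making the two differing transcripts hash to the same value, which is exactly why the strength of the hash in the kex method name matters.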
Yes, this is a good point, but it should be configurable.
2015-01-07 18:48 GMT+01:00 Bernhard Weisshuhn (a.k.a. bernhorst) <