Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/ssh: Support OpenSSH protocol extension for host key rotation #14114

Closed
tt opened this issue Jan 27, 2016 · 2 comments
Closed

x/crypto/ssh: Support OpenSSH protocol extension for host key rotation #14114

tt opened this issue Jan 27, 2016 · 2 comments
Milestone

Comments

@tt
Copy link
Contributor

@tt tt commented Jan 27, 2016

OpenSSH supports a protocol extension for host key rotation. While it probably isn't widely deployed yet, the world would be better if it were. See this blog post for background information.

The AddHostKey function currently overwrites host keys of the same algorithm. I suspect this could be extended to track all keys and offer them to clients using the "hostkeys-00@openssh.com" message.

@ianlancetaylor ianlancetaylor added this to the Unreleased milestone Jan 27, 2016
@ianlancetaylor
Copy link
Contributor

@ianlancetaylor ianlancetaylor commented Jan 27, 2016

@hanwen
Copy link
Contributor

@hanwen hanwen commented Jan 27, 2016

in the handshake, the server can only offer one key of each type to the client. Hence, it doesn't make much sense to change AddHostKey.

The document you describe is a global request/response call, which can be implemented in the application layer, in particular, the request will be sent to the request channel returned from https://godoc.org/golang.org/x/crypto/ssh#NewServerConn . Since the SSH library doesn't include a real server application layer implementation, it's not obvious where to hook it up.

I have the following suggestion: you could write a set of functions that will let a client issue the request, let the server send a set of new keys, and let the client verify them. If you implement both sides, you can unittest them against each other. Then people can install these functions into clients or servers as they please.

I think these functions should live outside the SSH package proper, since it is an application level mechanism, and not really a protocol extension. If we have a library, we could put it into standard library as (say) x/crypto/ssh/keyrotate/

I am strongly in favor of putting any and all application extensions into separate packages, rather than adding them to the ssh library. This makes the SSH package more maintainable, and easier to understand to callers.

@tt tt closed this Nov 18, 2019
@golang golang locked and limited conversation to collaborators Nov 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.