proposal: x/crypto/ssh: expose client/sever supported algorithms #46638
Labels
Milestone
Comments
ianlancetaylor
changed the title
ianlancetaylor
added
the
Proposal-Crypto
|
CC @FiloSottile |
|
I believe this can be closed as a duplicate of the declined #46232 |
This is not a duplicate, the referenced issue seems to be about the package as a whole supporting various algo types. This issue is specifically about exposing what algorithms a client and server have negotiated as supporting during the connection setup process. Today there is no way to retrieve what was exposed by the client or server as acceptable options. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When working with a variety of SSH client/server software, it can be useful to expose the supported Key Exchange, MAC, and Ciphers for both client and server side. Primarily this allows someone to answer questions like, "if we remove support for X, will any of our clients fail?."
When looking into this, initially I thought we could expose this on the
ConnMetadatainterface (*sshConnimplements this), and additionally extendssh.Clientwith a newGetConnMetadata() ConnMetadatafunction which returns the underlying*sshConn.This would involve exposing the values stored in the server/client
*kexInitMsgon up, possibly through new fields on*handshakeTransportasclientInitMsg *kexInitMsgandserverInitMsg *kexInitMsg.Is this something that would be appropriate for a PR or are other implementation options preferred here?
The text was updated successfully, but these errors were encountered: