
Allow custom SFTP algorithm selection #19636

Merged
merged 1 commit into from
Apr 30, 2024

Conversation

klauspost
Contributor

@klauspost klauspost commented Apr 30, 2024

Description

Fixes #18986

Allow custom algorithms for various parts of SFTP.
Algorithms are comma separated.
Note that valid values do not in all cases represent default values.

`--sftp=pub-key-algos=...` specifies the supported client public key authentication algorithms. Note that this doesn't include certificate types since those use the underlying algorithm. This list is sent to the client if it supports the server-sig-algs extension. Order is irrelevant.

Valid values:

```
ssh-ed25519
sk-ssh-ed25519@openssh.com
sk-ecdsa-sha2-nistp256@openssh.com
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
rsa-sha2-256
rsa-sha2-512
ssh-rsa
ssh-dss
```

`--sftp=kex-algos=...` specifies the supported key-exchange algorithms in preference order.

Valid values:

```
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group14-sha1
diffie-hellman-group1-sha1
```

`--sftp=cipher-algos=...` specifies the allowed cipher algorithms. If unspecified then a sensible default is used.

Valid values:

```
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com
arcfour256
arcfour128
arcfour
aes128-cbc
3des-cbc
```

`--sftp=mac-algos=...` specifies a default set of MAC algorithms in preference order. This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed because they have reached the end of their useful life.

Valid values:

```
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-sha2-256
hmac-sha2-512
hmac-sha1
hmac-sha1-96
```

How to test this PR?

Add parameters to minio as described.

Types of changes

  • New feature (non-breaking change which adds functionality)

@klauspost klauspost marked this pull request as ready for review April 30, 2024 12:09
@harshavardhana harshavardhana merged commit f64dea2 into minio:master Apr 30, 2024
20 checks passed
@klauspost klauspost deleted the sftp-custom-algos branch April 30, 2024 15:19
@olljanat
Contributor

olljanat commented May 1, 2024

@klauspost looks like it works only partly. I tested with a Docker compose file like this:

```yaml
services:
  node:
    image: quay.io/minio/minio:RELEASE.2024-05-01T01-11-10Z
    command:
    - server
    - --address=:443
    - --certs-dir=/data/certs
    - --sftp=address=:22
    - --sftp=ssh-private-key=/data/id_ecdsa
    - --sftp=pub-key-algos=ssh-ed25519,rsa-sha2-256,rsa-sha2-512
    - --sftp=kex-algos=curve25519-sha256,curve25519-sha256@libssh.org
    - --sftp=cipher-algos=aes256-ctr,aes192-ctr,aes128-ctr
    #- --sftp=mac-algos=hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96
    - https://minio1/data/{1...2}
```

Which works fine, but if I comment out that `--sftp=mac-algos` command (which should just set default algos), MinIO still starts without complaining about incorrect algos, but connections from the client fail and this gets written to the MinIO log:

```
minio1  | Error: ssh: no common algorithm for client to server cipher; client offered: [aes256-ctr aes256-cbc rijndael-cbc@lysator.liu.se aes192-ctr aes192-cbc aes128-ctr aes128-cbc chacha20-poly1305@openssh.com aes128-gcm@openssh.com aes256-gcm@openssh.com 3des-ctr 3des-cbc blowfish-ctr blowfish-cbc arcfour256 arcfour128], server offered: [] (*errors.errorString)
minio1  |        5: internal/logger/logonce.go:118:logger.(*logOnceType).logOnceIf()
minio1  |        4: internal/logger/logonce.go:149:logger.LogOnceIf()
minio1  |        3: cmd/logging.go:178:cmd.sftpLogOnceIf()
minio1  |        2: cmd/sftp-server.go:129:cmd.(*sftpLogger).Error()
minio1  |        1: github.com/minio/pkg/v2@v2.0.17/sftp/sftp.go:212:sftp.(*Server).handleConnection()
```
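As an added example, not MinIO's own code, here is a Go startup check for the four `--sftp=...-algos` lists described in the PR: it validates every comma-separated entry against the valid values listed above, rejects typos and empty lists before any client connects (the "server offered: []" failure in the report above only shows up at the first connection), and emits a warning for each legacy SHA-1/DSS/RC4/CBC algorithm that is enabled, which is the concern of the linked issue. The `weakAlgos` classification, the function names and the sample flags are my assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

var validAlgos = map[string]string{ // valid values as listed in the PR description, keyed by --sftp option
	"pub-key-algos": "ssh-ed25519 sk-ssh-ed25519@openssh.com sk-ecdsa-sha2-nistp256@openssh.com ecdsa-sha2-nistp256 " +
		"ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 rsa-sha2-256 rsa-sha2-512 ssh-rsa ssh-dss",
	"kex-algos": "curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 " +
		"diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1",
	"cipher-algos": "aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com " +
		"chacha20-poly1305@openssh.com arcfour256 arcfour128 arcfour aes128-cbc 3des-cbc",
	"mac-algos": "hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 hmac-sha1-96",
}

// Legacy entries (SHA-1, DSS, RC4, CBC) an operator would normally leave out; my classification, not MinIO's.
const weakAlgos = "ssh-rsa ssh-dss diffie-hellman-group14-sha1 diffie-hellman-group1-sha1 arcfour256 arcfour128 arcfour aes128-cbc 3des-cbc hmac-sha1 hmac-sha1-96"

func listed(list, name string) bool { // exact match of name against a space-separated list
	return name != "" && !strings.Contains(name, " ") && strings.Contains(" "+list+" ", " "+name+" ")
}

// ParseSFTPFlags takes the text after "--sftp=" of each flag and returns the comma-separated algorithm
// lists keyed by option, plus one warning per legacy algorithm. Any other option is passed over.
func ParseSFTPFlags(flags []string) (map[string][]string, []string, error) {
	cfg := map[string][]string{}
	var warnings []string
	for _, f := range flags {
		key, val, _ := strings.Cut(f, "=")
		if valid, isAlgoOpt := validAlgos[key]; isAlgoOpt {
			for _, a := range strings.Split(val, ",") {
				a = strings.TrimSpace(a)
				if !listed(valid, a) { // rejects typos and an empty list, which would leave the server offering nothing
					return nil, nil, fmt.Errorf("--sftp=%s: unknown algorithm %q", key, a)
				}
				if listed(weakAlgos, a) {
					warnings = append(warnings, fmt.Sprintf("--sftp=%s enables legacy algorithm %s", key, a))
				}
				cfg[key] = append(cfg[key], a)
			}
		}
	}
	return cfg, warnings, nil
}

func main() { // constructed flags mirroring the compose file in the thread, plus one legacy MAC
	fmt.Println(ParseSFTPFlags([]string{"address=:22", "kex-algos=curve25519-sha256", "mac-algos=hmac-sha2-256,hmac-sha1"}))
}
```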

@klauspost
Contributor Author

@olljanat Thanks for the report. I'll check it out.

klauspost added a commit to klauspost/minio that referenced this pull request May 1, 2024
Setting MAC algorithms overwrites cipher algorithms.

Followup to minio#19636
@klauspost
Contributor Author

@olljanat Yes. There was a typo. Fix in #19643

harshavardhana pushed a commit that referenced this pull request May 1, 2024
Setting MAC algorithms overwrites cipher algorithms.

Followup to #19636
Development

Successfully merging this pull request may close these issues.

SHA-1 hash algorithm enabled on SFTP service
4 participants