Adding algorithm type information to algorithm negotiation log

[jgolda]

Hello,

Currently the logs printed during opening of sftp connection are as follows:

Connecting to localhost port 22
Connection established
Remote version string: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
Local version string: SSH-2.0-JSCH_0.2.7
CheckCiphers: chacha20-poly1305@openssh.com
CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
CheckSignatures: ssh-ed25519,ssh-ed448
server_host_key proposal before known_host reordering is: ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-ed25519,ssh-ed448,ssh-rsa,ssh-rsa-sha224@ssh.com,ssh-rsa-sha256@ssh.com,ssh-rsa-sha384@ssh.com,ssh-rsa-sha512@ssh.com
server_host_key proposal after known_host reordering is: ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-ed25519,ssh-ed448,ssh-rsa,ssh-rsa-sha224@ssh.com,ssh-rsa-sha256@ssh.com,ssh-rsa-sha384@ssh.com,ssh-rsa-sha512@ssh.com
SSH_MSG_KEXINIT sent
SSH_MSG_KEXINIT received
kex: server: curve25519-sha256,curve25519-sha256@libssh.org
kex: server: rsa-sha2-512,rsa-sha2-256
kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr
kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr
kex: server: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: server: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: server: none,zlib@openssh.com
kex: server: none,zlib@openssh.com
kex: server:
kex: server:
kex: client: curve25519-sha256@libssh.org,curve448-sha512
kex: client: ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256
kex: client: aes192-ctr,aes256-ctr
kex: client: aes192-ctr,aes256-ctr
kex: client: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: client: hmac-md5,hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: client: none,zlib@openssh.com
kex: client: none,zlib
kex: client:
kex: client:
kex: algorithm: curve25519-sha256@libssh.org
kex: host key algorithm: rsa-sha2-256
kex: server->client cipher: aes192-ctr MAC: hmac-md5 compression: none
kex: client->server cipher: aes192-ctr MAC: hmac-md5-96 compression: none
SSH_MSG_KEX_ECDH_INIT sent
expecting SSH_MSG_KEX_ECDH_REPLY
ssh_rsa_verify: rsa-sha2-256 signature true
Permanently added 'localhost' (RSA) to the list of known hosts.
SSH_MSG_NEWKEYS sent
SSH_MSG_NEWKEYS received
SSH_MSG_SERVICE_REQUEST sent
SSH_MSG_EXT_INFO received
server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
SSH_MSG_SERVICE_ACCEPT received
Authentications that can continue: publickey,keyboard-interactive,password
Next authentication method: publickey
Authentications that can continue: password
Next authentication method: password
Authentication succeeded (password).
Disconnecting from localhost port 22

The part i'm interested in is:

kex: server: curve25519-sha256,curve25519-sha256@libssh.org
kex: server: rsa-sha2-512,rsa-sha2-256
kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr
kex: server: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr
kex: server: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: server: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: server: none,zlib@openssh.com
kex: server: none,zlib@openssh.com
kex: server:
kex: server:
kex: client: curve25519-sha256@libssh.org,curve448-sha512
kex: client: ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256
kex: client: aes192-ctr,aes256-ctr
kex: client: aes192-ctr,aes256-ctr
kex: client: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: client: hmac-md5,hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: client: none,zlib@openssh.com
kex: client: none,zlib
kex: client:
kex: client:

Every line contains algorithms of different type, which could be separately configured. Unfortunatelly there is no clue here as to the type of algorithm (eg. key exchange, cipher c2s, cipher s2c etc.). I know it can be worked out from the structure of the key exchange message described in the RFC, but doing so still requires some effort. It would make life easier if every line contained some sort of indication of the algorithm type it contains, for example:

kex: server: key exachange algorithms: curve25519-sha256,curve25519-sha256@libssh.org
kex: server: host key algorithms: rsa-sha2-512,rsa-sha2-256
kex: server: ciphers c2s: chacha20-poly1305@openssh.com,aes128-ctr
kex: server: ciphers s2c: chacha20-poly1305@openssh.com,aes128-ctr
kex: server: macs c2s: umac-64-etm@openssh.com,umac-128-etm@openssh.com
kex: server: macs s2c: umac-64-etm@openssh.com,umac-128-etm@openssh.com
kex: server: compressions c2s: none,zlib@openssh.com
kex: server: compressions s2c: none,zlib@openssh.com
kex: server: languages c2s:
kex: server: languages s2c:
kex: client: key exachange algorithms: curve25519-sha256@libssh.org,curve448-sha512
kex: client: host key algorithms: ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256
kex: client: ciphers c2s: aes192-ctr,aes256-ctr
kex: client: ciphers s2c: aes192-ctr,aes256-ctr
kex: client: macs c2s: hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: client: macs s2c: hmac-md5,hmac-md5-96,hmac-md5-96-etm@openssh.com
kex: client: compressions c2s: none,zlib@openssh.com
kex: client: compressions s2c: none,zlib
kex: client: languages c2s:
kex: client: languages s2c:

Similar log is printed by OpenSSH, relevant fragment:

ssh user@localhost -vvv
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,3des-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,3des-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,hmac-sha1-96,hmac-md5-etm@openssh.com,hmac-sha1-96-etm@openssh.com
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,hmac-sha1-96,hmac-md5-etm@openssh.com,hmac-sha1-96-etm@openssh.com
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:

If you're interested in this feature, i'll prepare a pull request for it

[norrisjeremy]

Hi @jgolda,

I've made changes in #290 to try and implement this.
If you would like to test and confirm, you can download a snapshot build from here.

Thanks,
Jeremy

[mwiede]

fixed with 0.2.8