[Cryptography] Why aren’t we using SSH for everything?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Jan 5 08:29:08 EST 2015


Christoph Anton Mitterer <calestyo at scientia.net> writes:

>http://www.openssh.com/specs.html, there's the "SSH protocol version 2 vendor
>extensions" section which contains documents "standardising" all the OpenSSH
>extensions.

So the necessary information isn't quite on display in the bottom of a locked
filing cabinet stuck in a disused lavatory with a sign on the door saying
'Beware of the Leopard', but close: The page points to usr/bin/ssh/PROTOCOL
which takes you to 
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL?rev=HEAD;content-type=text/plain
which is a CVS log with links to 
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/ssh/PROTOCOL?rev=1.24&content-type=text/plain
and then finally by grepping that for "etm" you get a rather terse two-
paragraph description of what OpenSSH does.  Specifically, it looks like
OpenSSH does two things that I've argued for in the past, sending the length
field in plaintext so you don't have to decrypt and process unauth'd data in
order to see what comes next (in other words so you don't act as an oracle for
attackers), and using EtM.

Peter.
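
Added example, not part of the original post and not OpenSSH's code: a Python receive path for the two properties mentioned above, a plaintext length field and encrypt-then-MAC, so the MAC is checked before anything is decrypted. It assumes the "-etm" MAC input is sequence_number || packet_length || encrypted_packet as the OpenSSH PROTOCOL file gives it; the function names, `max_len`, and the HMAC-based keystream standing in for the negotiated cipher are constructed for illustration.

```python
import hashlib
import hmac
import struct

MAC_LEN = 32  # HMAC-SHA-256 tag size


def _keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Stand-in stream cipher (HMAC-SHA-256 in counter mode), NOT an SSH cipher."""
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        out += hmac.new(key, struct.pack(">IQ", seq, block), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, out))


def seal(enc_key: bytes, mac_key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: encrypt, then MAC over seq || plaintext length || ciphertext."""
    pad_len = 4 + (-(1 + len(payload) + 4) % 8)  # >= 4 bytes, body a multiple of 8
    body = bytes([pad_len]) + payload + b"\x00" * pad_len  # real SSH pads randomly
    ct = _keystream_xor(enc_key, seq, body)
    length = struct.pack(">I", len(ct))
    tag = hmac.new(mac_key, struct.pack(">I", seq) + length + ct, hashlib.sha256).digest()
    return length + ct + tag


def open_packet(enc_key: bytes, mac_key: bytes, seq: int, wire: bytes,
                max_len: int = 35000) -> bytes:
    """Receiver: read the clear length, check the MAC, and only then decrypt."""
    if len(wire) < 4:
        raise ValueError("truncated packet")
    (length,) = struct.unpack(">I", wire[:4])
    if length > max_len or len(wire) != 4 + length + MAC_LEN:
        raise ValueError("bad packet length")
    ct, tag = wire[4:4 + length], wire[4 + length:]
    expected = hmac.new(mac_key, struct.pack(">I", seq) + wire[:4] + ct,
                        hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed")  # nothing has been decrypted yet
    body = _keystream_xor(enc_key, seq, ct)
    pad_len = body[0]
    if pad_len + 1 > len(body):
        raise ValueError("bad padding length")
    return body[1:len(body) - pad_len]
```

Because the length is read without decryption and is itself covered by the MAC, a modified packet is rejected with the same error whichever byte was changed, and the decryption routine never sees unauthenticated input.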

