[Cryptography] Why aren’t we using SSH for everything?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Jan 5 08:29:08 EST 2015

Christoph Anton Mitterer <calestyo at scientia.net> writes:

>http://www.openssh.com/specs.html, there's the "SSH protocol version 2 vendor
>extensions" section which contains documents "standardising" all the OpenSSH

So the necessary information isn't quite on display in the bottom of a locked
filing cabinet stuck in a disused lavatory with a sign on the door saying
'Beware of the Leopard', but close: The page points to usr/bin/ssh/PROTOCOL
which takes you to 
which is a CVS log with links to 
and then finally by grepping that for "etm" you get a rather terse two-
paragraph description of what OpenSSH does.  Specifically, it looks like
OpenSSH does two things that I've argued for in the past, sending the length
field in plaintext so you don't have to decrypt and process unauth'd data in
order to see what comes next (in other words so you don't act as an oracle for
attackers), and using EtM.


More information about the cryptography mailing list