The Nest
Explore
60
Pure-Rust asynchronous SSH library, both client and server

#79 Server: send an SSH_MSG_EXT_INFO server-sig-algs extension message

Closed on April 23, 2023
Robin_Jadoul on April 12, 2023

When the client indicates they support receiving EXT_INFO messages (by sending ext-info-c in their list of supported algorithms), we can send such a message for the server-sig-algs extension. This allows negotiation of more modern rsa signatures for authentication, since ssh-rsa still uses SHA1 and as such is commonly disabled in modern clients.

Robin_Jadoul added a change on April 12, 2023
(no change message) created on April 10, 2023
4XWMB23AZ7EZPJIY54YRCSY7CHFO5EIBCAAJDJDJ2X2TNBHJIEDQC
main
Robin_Jadoul added a change on April 12, 2023
cargo fmt created on April 10, 2023
TAOFQAIISOBF3NJ5BG72NRG5JSTIJN4X2QZXFPB75US6WTFSK7DQC
main
Robin_Jadoul added a change on April 12, 2023
Send a SSH_MSG_EXT_INFO with server-sig-algs when the client indicates they support extensions by sending ext-info-c. This allows modern clients that don't do ssh-rsa anymore because of sha1 to still use RSA keys with sha2.
EUHO3DAZ4D3LMHYJDLVLXBHIFAUKXMNFNDLE5ZHG4T7SVJMG55EAC
main
Robin_Jadoul added a change on April 12, 2023
use extend_list instead of hand-rolling comma-separation
PV47WDPWMDJK2VYNYQOLSDCJX5FFTNDD4PYCKLUHW2YXWCPPL6WQC
Robin_Jadoul added a change on April 12, 2023
use extend_list instead of hand-rolling comma-separation
CTQHOYXLRJPNE3PTAKLR3NOSBEBZ3T6QI2LEUYUATPK7FLIOJ44QC
main
pmeunier on April 23, 2023

Nice job, thanks!

pmeunier closed this discussion on April 23, 2023