Alon Bar-Lev
2015-12-23 15:13:16 UTC
Hello,
This hostkeys extension is great, reading[1]:
"""
OpenSSH supports a protocol extension allowing a server to inform a
client of all its protocol v.2 host keys after user-authentication has
completed.
"""
I wonder, why should user authentication be completed before this
functionality is available? This means that ssh-keyscan tool (for
example) cannot take advantage of the functionality.
The only reason I could think of (apart of sshd internal
implementation ordering) is to avoid cpu load attack of anonymous
clients forcing server to perform expensive operations.
However, a similar attack can be achieved by multiple connections and/or re-kex.
In sshd.c I see hostkeys-***@openssh.com sent before calling
do_authenticated(), so I even more curios.
Thanks!
Alon Bar-Lev.
[1] https://github.com/openssh/openssh-portable/blob/master/PROTOCOL#L284
This hostkeys extension is great, reading[1]:
"""
OpenSSH supports a protocol extension allowing a server to inform a
client of all its protocol v.2 host keys after user-authentication has
completed.
"""
I wonder, why should user authentication be completed before this
functionality is available? This means that ssh-keyscan tool (for
example) cannot take advantage of the functionality.
The only reason I could think of (apart of sshd internal
implementation ordering) is to avoid cpu load attack of anonymous
clients forcing server to perform expensive operations.
However, a similar attack can be achieved by multiple connections and/or re-kex.
In sshd.c I see hostkeys-***@openssh.com sent before calling
do_authenticated(), so I even more curios.
Thanks!
Alon Bar-Lev.
[1] https://github.com/openssh/openssh-portable/blob/master/PROTOCOL#L284