
RE: SSH key exchange in mid-session


We finally found out the vendor of the SSH server in question:  Tibco.
We have yet to succeed in coordinating with the admin of that server 
to attempt a workaround.

However, even if we succeed in working around the problem for this one 
server, I do want to support key reexchange in our SFTP client.

So, before I tackle coding this myself in libssh, let me ask:
Has anyone thought about where/how code changes would have to be made,
and have any advice for me?

Thanks,

Mark R

-----Original Message-----
From: Aris Adamantiadis [mailto:aris@xxxxxxxxxxxx] 
Sent: Wednesday, April 04, 2012 2:59 PM
To: libssh@xxxxxxxxxx
Subject: Re: SSH key exchange in mid-session

Hello,

This is a known limitation, however this is the first time I get a
report of this causing a real problem.
You may try to work around by changing the cipher type to a cbc-based
one, for which the key reexchange is less important for the security
(and may be less restrictive).

I've never heard about that specific ssh server, do you know more about it?

Thanks,

Aris

On 4/04/12 21:54, Mark Riordan wrote:
> Does libssh support key exchange (KEX) in mid-session?
> 
> We observed a situation during the download of a huge file in which 
> the session with our libssh-based client terminated abnormally 
> after just about 1 GB (1073745534 bytes, including some proxy overhead).
> Upon repeated attempts, the session terminated abnormally at the same
> point each time.
> 
> The server in question identifies itself as "SSH-2.0-Internet Server SSHD".
> 
> We suspect that the remote server is initiating a key exchange after 1 GB,
> but this is just a hunch at this point.
> 
> I looked at the libssh code and it seems to me that it does KEX
> only at the beginning of a session.  But I could be missing something.
> 
> I have not been able to find mention of this in https://red.libssh.org/
> or during my limited search of the mailing list archive at 
> http://www.libssh.org/archive/ .
> So, let me ask:  Is this a known limitation with libssh?
> 
> If not, I will proceed with turning on tracing (1 GB - ugghh)
> to further investigate.
> 
> Thanks,
> 
> Mark
> ---------------------------------------------------------------
> Mark Riordan
> Sr Software Developer
> T. 608.824.3632 | mriordan@xxxxxxxxxxxx
>  
> www.IpswitchFT.com
> 
> 
> 
> 
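
Added example, not part of the original messages and not libssh code: a minimal sketch of the receive-side state a client needs in order to accept a server-initiated key re-exchange instead of failing on it, using the message numbers and ordering rules of RFC 4253 (sections 7.1 and 9). The names rekey_tracker, rekey_due and on_packet are hypothetical, and treating the RFC's "gigabyte" as 2^30 bytes is an assumption; the 1073745534 bytes reported above is 3710 bytes past that mark.

```c
#include <stdbool.h>
#include <stdint.h>

/* Message numbers from RFC 4253. */
#define SSH_MSG_KEXINIT 20
#define SSH_MSG_NEWKEYS 21
/* RFC 4253 section 9 recommends new keys after each gigabyte;
 * reading "gigabyte" as 2^30 bytes is an assumption of this example. */
#define REKEY_BYTES (1ULL << 30)

enum kex_state { KEX_IDLE, KEX_IN_PROGRESS };
enum action { DELIVER, START_REKEY, CONTINUE_KEX, SWITCH_KEYS, PROTOCOL_ERROR };

/* Hypothetical tracker, not a libssh structure. */
struct rekey_tracker {
    enum kex_state state;
    uint64_t bytes_since_kex;
};

/* Account for n transferred bytes; true once a rekey should be requested. */
bool rekey_due(struct rekey_tracker *t, uint64_t n)
{
    t->bytes_since_kex += n;
    return t->state == KEX_IDLE && t->bytes_since_kex >= REKEY_BYTES;
}

/* Classify an incoming packet by message number (peer-initiated rekey). */
enum action on_packet(struct rekey_tracker *t, uint8_t type)
{
    if (type == SSH_MSG_KEXINIT) {
        if (t->state == KEX_IN_PROGRESS)
            return PROTOCOL_ERROR;        /* no second KEXINIT during a KEX */
        t->state = KEX_IN_PROGRESS;       /* mid-session KEXINIT is legal */
        return START_REKEY;               /* reply with our own KEXINIT */
    }
    if (t->state == KEX_IDLE)             /* 21..49 only make sense in a KEX */
        return (type >= 21 && type <= 49) ? PROTOCOL_ERROR : DELIVER;
    if (type == SSH_MSG_NEWKEYS) {        /* peer switches to the new keys */
        t->state = KEX_IDLE;
        t->bytes_since_kex = 0;
        return SWITCH_KEYS;
    }
    if (type >= 30 && type <= 49)
        return CONTINUE_KEX;              /* method-specific KEX messages */
    if (type >= 1 && type <= 19 && type != 5 && type != 6)
        return DELIVER;                   /* transport-generic still allowed */
    return PROTOCOL_ERROR;                /* e.g. channel data before NEWKEYS */
}
```

A full implementation also has to hold back its own outgoing channel data between sending KEXINIT and sending NEWKEYS, which this receive-side sketch does not model.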



