[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SSH key exchange in mid-session

Thanks for your reply.

We are trying to find out what brand of server that is.
However, seemingly the key re-exchange after 1 GB isn't too rare;
it's even mentioned in Wikipedia:


-----Original Message-----
From: Aris Adamantiadis [mailto:aris@xxxxxxxxxxxx] 
Sent: Wednesday, April 04, 2012 2:59 PM
To: libssh@xxxxxxxxxx
Subject: Re: SSH key exchange in mid-session


This is a known limitation, however this is the first time I get a
report of this causing a real problem.
You may try to work around by changing the cipher type to a cbc-based
one, for which the key reexchange is less important for the security
(and may be less restrictive).

I've never heard about that specific ssh server, do you know more about it ?



Le 4/04/12 21:54, Mark Riordan a écrit :
> Does libssh support key exchange (KEX) in mid-session?
> We observed a situation during the download of a huge file in which 
> the session with our libssh-based client terminated abnormally 
> after just about 1 GB (1073745534 bytes, including some proxy overhead).
> Upon repeated attempts, the session terminated abnormally at the same
> point each time.
> The server in question identifies itself as "SSH-2.0-Internet Server
> We suspect that the remote server is initiating a key exchange after 1 GB,
> but this is just a hunch at this point.
> I looked at the libssh code and it seems to me that it does KEX
> only at the beginning of a session.  But I could be missing something.
> I have not been able to find mention of this in https://red.libssh.org/
> or during my limited search of the mailing list archive at 
> http://www.libssh.org/archive/ .
> So, let me ask:  Is this a known limitation with libssh?
> If not, I will proceed with turning on tracing (1 GB - ugghh)
> to further investigate.
> Thanks,
> Mark

SSH key exchange in mid-session"Mark Riordan" <mriordan@xxxxxxxxxxxx>
Re: SSH key exchange in mid-sessionAris Adamantiadis <aris@xxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org