
RE: SSH key exchange in mid-session


Sorry - I missed this the first time around.

 

libssh does not support key re-exchange right now.  The fact that libssh has
the option of using openssl's cryptographic library does not help, as
openssl does not implement the SSH protocol.

I plan on implementing key re-exchange in libssh, but I'm busy with other
projects right now, so don't hold your breath.

 

Last I looked, it appeared to me that typically a key re-exchange
renegotiates everything from scratch, which I agree sounds excessive.
However, since it happens only every 1 GB (typically), it's not too much
overhead.

 

Mark R

 

----------------------------------------------------------------------------

Mark Riordan

Sr Software Developer

T. 608.824.3632 | mriordan@xxxxxxxxxxxx

www.IpswitchFT.com

 

From: Aviv Zilberman [mailto:Aviv.Zilberman@xxxxxxxxxxx] 
Sent: Monday, May 14, 2012 2:26 AM
To: 'libssh@xxxxxxxxxx'
Subject: RE: SSH key exchange in mid-session

 

Any comment?

Someone?

 

From: Aviv Zilberman 
Sent: Tuesday, May 01, 2012 3:32 PM
To: libssh@xxxxxxxxxx
Subject: SSH key exchange in mid-session

 

Hello, 

 

I want to start using libssh in order to achieve SSH communication.

The problem is that the target SSH server (not SFTP server in my case) is
also configured to drop the session after 1G or 1 hour.

I noticed the following limitation of libssh in the link below, and I have 2
questions:

http://www.libssh.org/archive/libssh/2012-04/0000001.html

1)     As far as I understood from the RFC, only the symmetric session key
itself is supposed to be exchanged - no need to repeat the initial handshake,
including asymmetric keys.

Am I right? Is it done automatically? I think openssh supports it, so why
does libssh not?

2)     Assuming I would like to support it anyway. Is there a way to do so
using libssh? If so, what is it?

 

Thanks in advance,

Aviv Zilberman.
