Erlang R13B01 ssh-1.1.3 cipher key matching bug and documentation errors

Kenji Rikitake kenji.rikitake@REDACTED
Sun Jul 12 04:56:46 CEST 2009

Here's a list of bugs/documentation errors of ssh-1.1.3 for R13B01 which
I experienced yesterday.

* [bug] ssh:shell/3 and ssh:connect/3 do not crash immediately even if
  they fail to negotiate the cipher to use, and hang forever

  How to reproduce:
  set NOT to accept 3des-cbc as a cipher on the server
  (in OpenSSH, set Ciphers directive at sshd_config, *excluding* 3des-cbc)

  Possible reason: failure of finding a matching cipher does not throw
  an exception immediately (I haven't tested yet).

  FYI: on Portable OpenSSH 5.1 for FreeBSD slogin client, it will turn
  out to be something like the following:

-- quote --
debug1: match: OpenSSH_5.1p1 FreeBSD-20080901 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
no matching cipher found: client 3des-cbc server aes128-ctr,blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc
-- unquote --

* [documentation error] ssh manual should include that the current ssh
  module only supports the following crypto parameters of SSH Version 2
  protocol: (my opinion follows later in this message)

  cipher: 3des-cbc only
  MACs: hmac-sha1 only

* [documentation error] ssh manual should include that only an
  *unencrypted* private key is supported for ssh_rsa public key

  The manual should also note that private keys for public key
  authentication used for interactive logins are mostly encrypted so
  cannot be used for the time being.

* [documentation error] ssh:connect/1 and ssh:connect/2 no longer exist,
  but are still documented. The description of those old functions should be
  eliminated, and requirement to use ssh:connect/3 instead should be

* [my opinion] I personally think only supporting 3des-cbc is *archaic*
  and insufficient; implementing at least stronger ciphers such as
  aes128-cbc and aes256-cbc, or even blowfish-cbc, should be considered
  ASAP, regarding the strength of the ciphers.

Kenji Rikitake
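
The fail-fast behaviour the first item asks for, as an added example that is not part of the original message and not code from the Erlang/OTP ssh application: it parses two SSH_MSG_KEXINIT payloads and returns an error as soon as a cipher or MAC name-list has no common entry, the case in which RFC 4253 section 7.1 requires both sides to disconnect. The module name kex_check, its function names and the constructed payloads are assumptions; the cipher lists are the ones from the OpenSSH debug output quoted in the message.

```erlang
%% Added example: hypothetical module, not code from the OTP ssh application.
-module(kex_check).
-export([kexinit/1, parse_kexinit/1, negotiate/2, demo/0]).

%% Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
-define(FIELDS, [kex, host_key, enc_c2s, enc_s2c, mac_c2s, mac_s2c,
                 comp_c2s, comp_s2c, lang_c2s, lang_s2c]).

%% Build a payload from a proplist. Constructed input for the demo only:
%% the cookie is zeroed here, a real peer sends 16 random bytes.
kexinit(Props) ->
    Lists = [begin
                 B = iolist_to_binary(lists:join(",", proplists:get_value(F, Props, []))),
                 <<(byte_size(B)):32, B/binary>>
             end || F <- ?FIELDS],
    iolist_to_binary([<<20, 0:128>>, Lists, <<0, 0:32>>]).

%% Parse a payload into [{Field, [NameBinary]}]; reject anything truncated.
parse_kexinit(<<20, _Cookie:16/binary, Rest/binary>>) -> parse_lists(?FIELDS, Rest, []);
parse_kexinit(_) -> {error, malformed_kexinit}.

parse_lists([], <<_FirstKexFollows:8, _Reserved:32>>, Acc) ->
    {ok, lists:reverse(Acc)};
parse_lists([F | Fs], <<Len:32, Names:Len/binary, Rest/binary>>, Acc) ->
    parse_lists(Fs, Rest, [{F, binary:split(Names, <<",">>, [global, trim_all])} | Acc]);
parse_lists(_, _, _) ->
    {error, malformed_kexinit}.

%% For ciphers and MACs the choice is the first name on the client's list
%% that the server also offers. With no such name, return an error at once.
negotiate(ClientPayload, ServerPayload) ->
    {ok, C} = parse_kexinit(ClientPayload),
    {ok, S} = parse_kexinit(ServerPayload),
    pick([enc_c2s, enc_s2c, mac_c2s, mac_s2c], C, S, []).

pick([], _C, _S, Acc) -> {ok, lists:reverse(Acc)};
pick([F | Fs], C, S, Acc) ->
    {Ours, Theirs} = {proplists:get_value(F, C), proplists:get_value(F, S)},
    case [A || A <- Ours, lists:member(A, Theirs)] of
        [Alg | _] -> pick(Fs, C, S, [{F, Alg} | Acc]);
        []        -> {error, {no_matching_algorithm, F, Ours, Theirs}}
    end.

demo() ->
    Ciphers = ["aes128-ctr", "blowfish-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc"],
    Mine = [{enc_c2s, ["3des-cbc"]}, {enc_s2c, ["3des-cbc"]}],
    negotiate(kexinit(Mine), kexinit([{enc_c2s, Ciphers}, {enc_s2c, Ciphers}])).
```

Compile with c(kex_check) in an Erlang shell and call kex_check:demo() to run the 3des-cbc-only client against the server list from the debug output.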
