-
-
Notifications
You must be signed in to change notification settings - Fork 931
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terrapin attack and strict KEX #1285
Comments
The library does not support ChaCha20-Poly1305 nor Encrypt-then-MAC (for better or worse), and does not support SSH extension negotiation (RFC8308) |
Will Encrypt-then-MAC be supported (and when)? Because one of the major cloud provider's SFTP-service isn't working anymore with the proposed security profile: Profile 2022-03 still support the "normal" hashfunctions: With profile 2023-05, only the EtM versions are supported: Do you have a policy regarding attempting to remain compatibility of the library with the major Cloud providers Microsoft, Amazon and Google? |
@scott-xu, @Rob-Hague Thank you very much! |
There is a recently published attack on SSH named Terrapin.
Is SSH.NET affected by Terrapin (does SSH.NET support any of the vulnerable encryption modes; does SSH.NET support the strict key exchange countermeasure)?
The text was updated successfully, but these errors were encountered: