Issue 571 in connectbot: support new SHA256-based HMAC transport integrity modes

[conne...@googlecode.com]

Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 571 by i...@zeromail.org: support new SHA256-based HMAC transport
integrity modes
http://code.google.com/p/connectbot/issues/detail?id=571

What steps will reproduce the problem?
1. configure OpenSSH <=5.9 with "MACs hmac-sha2-512" in sshd_config
2. try connecting with connectbot

What is the expected output? What do you see instead?
expected: connection
instead: hanging on "connecting"

What version of the product are you using
ConnectBot 1.7.1 (v1.7.1 2010.10.08)

What type of system are you trying to connect to?
OpenSSH_5.9p1 and OpenSSH_6.0

Please provide any additional information below.

OpenSSH 5.9 release note sais:

* Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512,
and hmac-sha2-512-96, and are available by default in ssh(1) and
sshd(8)

http://openssh.org/txt/release-5.9

See the current draft here:
https://tools.ietf.org/html/draft-dbider-sha2-mac-for-ssh-05

Would be nice to support that.

Thanks, and keep up the good work!

[conne...@googlecode.com]

Comment #1 on issue 571 by ckujau: support new SHA256-based HMAC transport
integrity modes
https://code.google.com/p/connectbot/issues/detail?id=571

Not to derail this issue, but: can we extend this report to "please support
the new Ciphers and KexAlgorithms"? I.e. Debian/stable (7.7 at this moment)
ships with OpenSSH_6.6.1p1, which supports the following:

Ciphers
3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, aes128-ctr, aes192-ctr,
aes256-ctr, aes12...@openssh.com, aes25...@openssh.com, arcfour128,
arcfour256, arcfour, blowfish-cbc, cast128-cbc, and
chacha20...@openssh.com

MAC
hmac-m...@openssh.com,hmac-s...@openssh.com,
umac-...@openssh.com,umac-1...@openssh.com,
hmac-sha...@openssh.com,hmac-sha...@openssh.com,
hmac-ripe...@openssh.com,hmac-sha...@openssh.com,
hmac-md...@openssh.com,
hmac-md5,hmac-sha1,uma...@openssh.com,umac...@openssh.com,
hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,
hmac-sha1-96,hmac-md5-96

KexAlgorithms
curve255...@libssh.org,
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,
diffie-hellman-group1-sha1

Thanks!

--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings

[conne...@googlecode.com]

Comment #2 on issue 571 by i...@zeromail.org: support new SHA256-based HMAC

transport integrity modes
https://code.google.com/p/connectbot/issues/detail?id=571

I fully agree. OpenSSH 6.5 introduced a bunch of new ciphers and
algorithms: http://www.openssh.com/txt/release-6.5

See the current list here:
https://github.com/openssh/openssh-portable/blob/master/sshd_config.5#L734

Since the latest Snowden releases included OpenSSH
(http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html),
there have been HOWTOs on hardening OpenSSH configuration:
https://stribika.github.io/2015/01/04/secure-secure-shell.html

Unfortunately, it seems ConnectBot development is rather stalled:
https://github.com/connectbot/connectbot/commits/master

[conne...@googlecode.com]

Comment #3 on issue 571 by gordon.p...@gmail.com: support new SHA256-based

HMAC transport integrity modes
https://code.google.com/p/connectbot/issues/detail?id=571

I would like to have support for (mobile) access to my servers again, now
that I've configured them like this:


Ciphers chacha20...@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
KexAlgorithms
curve255...@libssh.org,diffie-hellman-group-exchange-sha256
MACs
hmac-sha...@openssh.com,hmac-sha...@openssh.com,hmac-ripe...@openssh.com,umac-1...@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac...@openssh.com

Curently, I get a hang upon trying to connect :-(

[conne...@googlecode.com]

Comment #4 on issue 571 by gwi...@gmail.com: support new SHA256-based HMAC

transport integrity modes
https://code.google.com/p/connectbot/issues/detail?id=571

Can anybody help me figure out what Ciphers/MACs/KexAlgorithms ConnectBot
does support? Since it looks like this bug is not going anywhere for the
moment.

Thanks!

[conne...@googlecode.com]

Comment #5 on issue 571 by gwi...@gmail.com: support new SHA256-based HMAC

transport integrity modes
https://code.google.com/p/connectbot/issues/detail?id=571

I used tcpdump to answer my own question ... the parameters connectbot uses
seem dangerously weak in the modern era. I'm looking for something else to
switch to at this point.

KexAlgorithms
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
Ciphers
aes256-ctr,aes192-ctr,aes128-ctr,blowfish-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-ctr,3des-cbc
MACs hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5

[conne...@googlecode.com]

Comment #6 on issue 571 by ckujau: support new SHA256-based HMAC transport
integrity modes
https://code.google.com/p/connectbot/issues/detail?id=571

Since ConnectBot moved to Github, source & issues can be tracked there,
e.g.:

https://github.com/connectbot/connectbot/issues/54
#54: connectbot doesn't work with intelligence-agency-proved sshd
configuration

Currently supported configurations, at least according to its source:

Supported Ciphers:
https://github.com/connectbot/connectbot/blob/master/src/com/trilead/ssh2/crypto/cipher/BlockCipherFactory.java#L30

Supported MACs:
https://github.com/connectbot/connectbot/blob/master/src/com/trilead/ssh2/crypto/digest/MAC.java#L17

Supported KexAlgorithms:
https://github.com/connectbot/connectbot/blob/master/src/com/trilead/ssh2/transport/KexManager.java#L76