Bug#774711: openssh and putty

To: 774711@bugs.debian.org
Cc: taggart@debian.org
Subject: Bug#774711: openssh and putty
From: Matt Taggart <taggart@debian.org>
Date: Thu, 05 May 2016 14:24:11 -0700
Message-id: <[🔎] 20160505212411.560AD208@taggart.lackof.org>
Reply-to: Matt Taggart <taggart@debian.org>, 774711@bugs.debian.org

Today I was wondering about what crypto puTTY supports and the implications 
for openssh support in Debian and restricting options as we've been 
discussing in #774711. Here is what I found:

=======================================================================
puTTY -http://www.chiark.greenend.org.uk/~sgtatham/putty/
current released version 0.67

Documented at
http://the.earth.li/~sgtatham/putty/0.67/htmldoc/Chapter4.html

The following are supported in 0.67, described as openssh option names and 
for newer options the date and release they first appeared in puTTY.

Keys (in sshrsa.c, sshdss.c,sshecc.c)
* ssh-rsa
* ssh-dss
* ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521 
(2014-11-02,0.64)
* ssh-ed25519 (2015-05-09, 0.65)

KEX (in sshdh.c, sshecc.c)
* diffie-hellman-group-exchange-sha256
* diffie-hellman-group14-sha1
* diffie-hellman-group1-sha1
* diffie-hellman-group-exchange-sha1
* ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521 
(2014-11-02,0.64))
* curve25519-sha256@libssh.org (2015-05-09, 0.65)

cipher (in sshaes.c, ssharcf.c, sshblowf.h, sshdes.c, sshccp.c)
* aes256-ctr, aes192-ctr, aes128-ctr
* aes256-cbc, aes192-cbc, aes128-cbc
* rijndael-cbc@lysator.liu.se
* arcfour256, arcfour128
* blowfish-cbc(128), blowfish-ctr(256, openssh support?)
* 3des-cbc, 3des-ctr(openssh support?)
* chacha20-poly1305@openssh.com (2015-06-07, 0.65)

MAC (in sshsha.c, sshsh256.c sshsh512.c, sshmd5.c, )
* hmac-md5, hmac-md5-etm@openssh.com
* hmac-sha1, hmac-sha1-etm@openssh.com
* hmac-sha1-96, hmac-sha1-96-etm@openssh.com
* hmac-sha2-256, hmac-sha2-256-etm@openssh.com (2013-02-20, 0.63)
=======================================================================

If you want to support squeeze(released 2011-02) and newer and putty 
0.63(released 2013-08) and newer (and you agree with the other decisions 
mentioned in this bug, like dropping rsa1/md5/des/ecdsa) then the minimum 
modern options you need are:

=======================================================================
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com, ssh-ed25519,\
    ssh-rsa-cert-v01@openssh.com, ssh-rsa-cert-v00@openssh.com,ssh-rsa

KexAlgorithms curve25519-sha256@libssh.org,\
    diffie-hellman-group-exchange-sha256

Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,
    aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,\
    hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,\
    hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
=======================================================================

If people encounter other implementations of ssh that can't communicate 
with a debian system using the above, please report it to #774711 as it has 
implicationson what debian/upstream need to support/document.

HTH,

-- 
Matt Taggart
taggart@debian.org

Reply to:

Follow-Ups:
- Bug#774711: openssh and putty
  - From: Jacob Nevins <jacobn+debian@chiark.greenend.org.uk>

Prev by Date: Bug#74370: Please check your Administrator
Next by Date: Suggest a resource for the new disabilities section of our website?
Previous by thread: Bug#74370: Please check your Administrator
Next by thread: Bug#774711: openssh and putty
Index(es):
- Date
- Thread