Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proposal: x/crypto/ssh: new callbacks to Config and error type #26840

Open
ThomasHabets opened this issue Aug 7, 2018 · 1 comment
Open

proposal: x/crypto/ssh: new callbacks to Config and error type #26840

ThomasHabets opened this issue Aug 7, 2018 · 1 comment
Labels
Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Milestone
Unreleased

Comments

@ThomasHabets
Copy link
Contributor

What version of Go are you using (go version)?

1.9.4 (but it doesn't matter, this isn't in the stdlib yet)

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

Doesn't matter.

What did you do?

I'm trying to get more info from SSH servers, and the API of x/crypto/ssh is not very friendly.

  1. I can only list acceptable crypto algorithms, not find out which the remote end support. One reason for wanting this is that I want to check all host keys, but the HostKeyCallback is only called for the negotiated one. The error message includes all algorithms remote end supports, but it's not programmatically extractable.
  2. No good way to reject host key and know that's why Dial failed.

What did you expect to see?

  1. Config.Remote{Ciphers,KeyExchanges,MACs} callbacks
  2. Being able to identify the error returned by ClientConfig.HostKeyCallback so that I know it failed because I wanted it to.

What did you see instead?

API with deficiencies.

Suggested improvements

  1. Add Remote{Ciphers,KeyExchanges,MACs} callbacks to type Config
  2. Add type HostKeyError, wrapping the error returned from the callback.
@gopherbot gopherbot added this to the Unreleased milestone Aug 7, 2018
@agnivade agnivade changed the title x/crypto/ssh: API deficiencies proposal: x/crypto/ssh: new callbacks to Config and error type Aug 11, 2018
@agnivade agnivade added the Proposal-Crypto Proposal related to crypto packages or other security issues label Aug 11, 2018
@agnivade
Copy link
Contributor

/cc @FiloSottile

@rsc rsc moved this to Incoming in Proposals Aug 10, 2022
@rsc rsc added this to Proposals Aug 10, 2022
@julieqiu julieqiu removed this from Go Security Sep 8, 2022
@gabyhelp gabyhelp mentioned this issue Jul 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Projects
Proposals
Status: Incoming
Milestone
Unreleased
Development

No branches or pull requests
3 participants
@ThomasHabets @agnivade @gopherbot