Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (go version)?
1.9.2
Does this issue reproduce with the latest release?
Yes (1.10)
What operating system and processor architecture are you using (go env)?
go1.9.2.linux-amd64
What did you do?
SetDefaults() sets unsafe KeyExchanges and MACs by default.
```go
// Excerpt from golang.org/x/crypto/ssh (common.go) as quoted in the report.
var supportedMACs = []string{
	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
}

var supportedKexAlgos = []string{
	kexAlgoCurve25519SHA256,
	// P384 and P521 are not constant-time yet, but since we don't
	// reuse ephemeral keys, using them for ECDH should be OK.
	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
	kexAlgoDH14SHA1, kexAlgoDH1SHA1,
}
```
What did you expect to see?
keyExchanges and MACs configured by SetDefaults() should use defaults like preferredCiphers is configured for ciphers. Updating these should maintain default compatibility back to OpenSSH 6.5 (January 2014) / Dropbear 2013.62 (December 2013), as well as x/crypto/ssh as of August 2015.
What did you see instead?
(above)
If you keep up to date and know what the best algorithms are, chances are you should just configure them yourself.
The problem is that SetDefaults is used both by the server and the client, and we don't know in what setting they are used. If we use a conservative ("paranoid") default, that will make many connections fail, generating bug reports, and causing people to explicitly set algorithms. The latter will then cause clients and servers not to pick up newer algorithms as they're added to the package.
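What "configure them yourself" looks like in practice, together with the negotiation rule that decides whether a narrower list still interoperates. This is an added example, not code from the issue or from x/crypto/ssh: the wire names stand in for the library's kexAlgo* constants, the `weak` set and the helper names `harden` and `negotiate` are this example's own assumptions (the report does not say which entries it considers unsafe), and only the standard library is used, with the x/crypto/ssh wiring shown in a comment.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Default preference lists as they appear in the report, written as the
// wire names the library constants stand for.
var supportedMACs = []string{
	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
}

var supportedKexAlgos = []string{
	"curve25519-sha256@libssh.org",
	"ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
	"diffie-hellman-group14-sha1", "diffie-hellman-group1-sha1",
}

// weak is the set this example refuses to offer. Which entries count as
// "unsafe" is an assumption of this example, not something the issue lists.
var weak = map[string]bool{
	"diffie-hellman-group1-sha1": true, // 1024-bit MODP group
	"hmac-sha1-96":               true, // SHA-1 tag truncated to 96 bits
}

// harden returns defaults with every entry in weak removed, preserving the
// library's preference order for everything else.
func harden(defaults []string) []string {
	out := make([]string, 0, len(defaults))
	for _, name := range defaults {
		if !weak[name] {
			out = append(out, name)
		}
	}
	return out
}

// negotiate applies the RFC 4253 section 7.1 rule that x/crypto/ssh's
// findCommon implements: the first algorithm on the client's list that the
// server also offers is chosen; no overlap means the connection fails.
func negotiate(client, server []string) (string, error) {
	for _, c := range client {
		for _, s := range server {
			if c == s {
				return c, nil
			}
		}
	}
	return "", errors.New("no common algorithm: client offered " +
		strings.Join(client, ",") + "; server offered " + strings.Join(server, ","))
}

func main() {
	kex := harden(supportedKexAlgos)
	macs := harden(supportedMACs)
	fmt.Println("kex offered: ", kex)
	fmt.Println("macs offered:", macs)

	// A peer running the library defaults still agrees on curve25519; a peer
	// that only speaks group1 is refused, which is the trade-off the
	// maintainer describes.
	peers := [][]string{supportedKexAlgos, {"diffie-hellman-group1-sha1"}}
	for _, peer := range peers {
		chosen, err := negotiate(kex, peer)
		if err != nil {
			fmt.Println("kex failed:", err)
			continue
		}
		fmt.Println("kex chosen:", chosen)
	}

	// Applying the lists with golang.org/x/crypto/ssh (not compiled here):
	//	cfg := &ssh.ClientConfig{ /* User, Auth, HostKeyCallback ... */ }
	//	cfg.Config.KeyExchanges = harden(supportedKexAlgos)
	//	cfg.Config.MACs = harden(supportedMACs)
	// The same Config fields exist on ssh.ServerConfig.
}
```

Keeping the library's order and only subtracting from it is what lets a hardened client pick up newer algorithms as the package adds them, which is the maintainer's concern with people hard-coding lists.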