Colin Watson
2024-Oct-06 18:06 UTC
Wrong version for ext-info-s in https://www.openssh.com/specs.html
Hi, https://www.openssh.com/specs.html says that RFC8308 support was added in OpenSSH 7.2, and it specifically calls out both ext-info-s and ext-info-c: "Extension Negotiation in the Secure Shell (SSH) Protocol (ext-info-s, ext-info-c)". However, while ext-info-c was indeed added in 7.2 as part of server-sig-algs support (https://anongit.mindrot.org/openssh.git/commit/?id=76c9fbbe35aabc1db977fb78e827644345e9442e), ext-info-s was only added in 9.6 as part of implementing the ext-info-in-auth at openssh.com extension (https://anongit.mindrot.org/openssh.git/commit/?id=a7ed931caeb68947d30af8a795f4108b6efad761). Could this web page be corrected in some way? (This rabbit-hole brought to you by https://bugs.debian.org/1082730 and https://github.com/jtesta/ssh-audit/issues/291.) Thanks, -- Colin Watson (he/him) [cjwatson at debian.org]
Darren Tucker
2024-Oct-06 23:25 UTC
Wrong version for ext-info-s in https://www.openssh.com/specs.html
On Mon, 7 Oct 2024 at 05:09, Colin Watson <cjwatson at debian.org> wrote:> https://www.openssh.com/specs.html says that RFC8308 support was added > in OpenSSH 7.2, and it specifically calls out both ext-info-s and > ext-info-c: "Extension Negotiation in the Secure Shell (SSH) Protocol > (ext-info-s, ext-info-c)".[...]> ext-info-s was only added in 9.6.Sorry, I missed that distinction when I originally added ext-info to the specs page in https://github.com/openbsd/www/commit/edeed95e> Could this web page be corrected in some way?I've added a clarification, it should be live on the site in the next hour or so. -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Possibly Parallel Threads
- [fdo] https://cgit.freedesktop.org wrong ssl cert
- [Bug 2929] New: OpenSSH server should not send the SSH_MSG_EXT_INFO message after rekeying
- Automatic FIDO2 key negotiation (request for comments)
- [Bug 3356] sshconnect2: SSH_MSG_EXT_INFO implementation seems broken based on RFC 8308
- Administrivia: new list server