similar to: Size of data packets in SSH connection

I'm wondering why the ChaCha20 cipher rekeys so frequently. At speed I'm seeing rekeys every second or two. So I'm spending a large amount of time in the rekey process. From what I've read about ChaCha20 it shouldn't need to be rekeyed quite so frequently. Am I missing something obvious? Just curious more than anything else. Chris

I was wondering if there was something specific to the internal chacha20 cipher as opposed to OpenSSL implementation. I can't just change the block size because it breaks compatibility. I can do something like as a hack (though it would probably be better to do it with the compat function): if (strstr(enc->name, "chacha")) *max_blocks = (u_int64_t)1 << (16*2);

On Wed, 29 Mar 2023, Chris Rapier wrote: > I was wondering if there was something specific to the internal chacha20 > cipher as opposed to OpenSSL implementation. > > I can't just change the block size because it breaks compatibility. I can do > something like as a hack (though it would probably be better to do it with the > compat function): > > if

I'm hardly an expert on this, but if I remember correctly, the rekey rate for good security is mostly dependent on the cipher block size. I left my reference books at home; so, I can't come up with a reference for you, but I would take Chris' "I'm deeply unsure of what impact that would have on the security of the cipher" comment seriously and switch to a cipher with a

That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher. On Wed, 29 Mar 2023, Robinson, Herbie wrote: > > I?m hardly an expert on this, but if I remember correctly, the rekey rate > for good security is mostly dependent on the cipher block size.? I left my > reference books at home; so, I can?t come up with a reference for you, but I > would take Chris?

> Portable OpenSSH is also available via [...] Github: https://github.com/openssh/openssh-portable > > Running the regression tests supplied with Portable OpenSSH does not require installation and is a simply: > > $ ./configure && make tests I was going to try this on Kali Linux (latest version), but ran into trouble right away. No "configure" script exists

Hello All. Portable OpenSSH version 3.8.1p1 nearing release. This is primarily a bug fix release and we're asking for interested parties to try a snapshot [1]. A reminder: we rely on community feedback to find out about problems, particularly as there are many platforms any configurations that we don't have access to and can't test. In most cases, running the built-in tests is

Hi Damien, >This is what I'm playing with at the moment: if you?re playing with this currently anyway, shouldn?t? >+ /* >+ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks >+ * before rekeying where L is the blocksize in bits. >+ * Most other ciphers have a 128 bit blocksize, so this equates to >+ * 2**32 blocks / 64GB data. >+ */ >+ return

https://bugzilla.mindrot.org/show_bug.cgi?id=2521 Bug ID: 2521 Summary: subtract buffer size from computed rekey limit to avoid exceeding it Product: Portable OpenSSH Version: 6.8p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2726 Bug ID: 2726 Summary: Uploading of large files (1GB+) fails when using SFTP in chrooted configuration Product: Portable OpenSSH Version: 7.3p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

Hi, I downloaded setupssh-7.3p1-2.exe for Windows x64. I created private public keys and set it up accordingly. After entering the passphrase, I see authentication succeeded message but then the connection to the remote host gets closed immediately. Some of the Client output: ************************ ... Enter passphrase for key '/home/user2/.ssh/id_rsa': debug1: Authentication

Folks, I've just updated a machine to the latest IBM supplied OpenSSL RPMS: openssl-0.9.6m-1 openssl-devel-0.9.6m-1 (this is a power4 running AIX 5.1) and Tried to upgrade to the latest OpenSSH (3.8p1 - both the release and a snapshot from about a week ago) I'm using: ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/opt/freeware and the compilation seems OK: OpenSSH

Hello, I'm looking for your insight about the log below. We have an SFTP server (IBM Sterling File Gateway) and we're connecting from an OpenSSH SFTP client but something fails during KEX. Complete client-side debug output is below, but I believe the relevant part is: debug1: kex: server->client cipher: aes192-cbc MAC: hmac-sha1 compression: none debug1: kex: client->server

On Fri, 9 Jun 2023, Chris Rapier wrote: > Hi all, > > When a client requests dynamic remote forwarding with -R it delays forking > into the background. In ssh.c we see > > if (options.fork_after_authentication) { > if (options.exit_on_forward_failure && > options.num_remote_forwards > 0) { > debug("deferring postauth fork until

Hello, I'm trying to configure the openssh sftp server to perform re-keying. On the client side I've found the RekeyLimit parameter. But I am unable to find an equivalent for the server side. Is it currently not possible to configure the sftp server to perform re-keying? Or have I overlooked something. -- R _________________________________________________________________ Snygga till

Thanks for your suggestion! It seems to have gone a little further this time, but isn't accepting the key and is failing back on password-based auth. We're double-checking that the public key was correctly configured with the account, and also trying a DSA key to see if it behaves differently. Is there anything you'd suggest we look at or try at this point, and thank you very much

On Thu, 30 Mar 2023, Damien Miller wrote: >> >+ return (uint64_t)1 << (c->block_size * 2); >> >> ? this get an upper bound? This is UB for 256-bit blocksizes >> at least? > >block sizes in struct sshcipher are in bytes, not bits Yes, exactly. 256 bit = 32 bytes; 32*2 = 64; (uint64_t)1 << 64 is UB. bye, //mirabilos -- Infrastrukturexperte ?

Using OpenSSL, is there a preferred/recommended rate of rekeying an encrypted stream of data? Does OpenSSL handle this for developers behind the scenes? Does it even need to be rekeyed? Thanks in advance. -sc -- Sean Chittenden -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 202 bytes Desc: not available

Hi, Sorry to bother you on this mailing list, however I tried everything else and I am desperate to get this running. Please send me any hints you can think of. I have installed openssh-3.7.1p2 on a ppc target and trying to connect to an sshd running on a redhat 9 with openssh-3.5p1. I keep getting the error "Disconnecting: Corrupted check bytes on input" no matter what I tried. I

Hello everybody, I'd like to use OpenSSH (client & server, for shell & sftp) on an embedded PC with limited resources (processor 386 SX 40Mhz 8Mb RAM). I have Linux running on it. In the past, I tried to use OpenSSH on it just to see if it could work but each connection required an incredible long time to start. I suppose that the key generation is too expensive for that processor.