You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by "Sven Gottwald (JIRA)" <ji...@apache.org> on 2017/10/07 14:43:00 UTC

[jira] [Updated] (GUACAMOLE-407) Support "modern" ssh crypto - only SHA1 is available

     [ https://issues.apache.org/jira/browse/GUACAMOLE-407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sven Gottwald updated GUACAMOLE-407:
------------------------------------
    Description: 
It seems that guacamole doesn't support any "modern" ssh crypto.

The following key exchange methods are supported:
* diffie-hellman-group14-sha1
* diffie-hellman-group-exchange-sha1
* diffie-hellman-group1-sha1

The following MACs are supported:
* hmac-sha1,hmac-sha1-96
* hmac-md5,hmac-md5-96
* hmac-ripemd160
* hmac-ripemd160@openssh.com

Guacamole SHOULD support modern crypto like SHA2 and curve25519, see https://wiki.mozilla.org/Security/Guidelines/OpenSSH for more information and references.

  was:
It seems that guacamole doesn't support any "modern" ssh crypto.

The following key exchange methods are supported:
* diffie-hellman-group14-sha1
* diffie-hellman-group-exchange-sha1
* diffie-hellman-group1-sha1

The following MACs are supported:
* hmac-sha1,hmac-sha1-96
* hmac-md5,hmac-md5-96,hmac-ripemd160
* hmac-ripemd160@openssh.com

Guacamole SHOULD support modern crypto like SHA2 and curve25519, see https://wiki.mozilla.org/Security/Guidelines/OpenSSH for more information and references.


> Support "modern" ssh crypto - only SHA1 is available
> ----------------------------------------------------
>
>                 Key: GUACAMOLE-407
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-407
>             Project: Guacamole
>          Issue Type: Bug
>          Components: SSH
>    Affects Versions: 0.9.13-incubating
>         Environment: guacamole 0.9.13-incubating under docker https://hub.docker.com/r/guacamole/guacamole/
>            Reporter: Sven Gottwald
>              Labels: security
>
> It seems that guacamole doesn't support any "modern" ssh crypto.
> The following key exchange methods are supported:
> * diffie-hellman-group14-sha1
> * diffie-hellman-group-exchange-sha1
> * diffie-hellman-group1-sha1
> The following MACs are supported:
> * hmac-sha1,hmac-sha1-96
> * hmac-md5,hmac-md5-96
> * hmac-ripemd160
> * hmac-ripemd160@openssh.com
> Guacamole SHOULD support modern crypto like SHA2 and curve25519, see https://wiki.mozilla.org/Security/Guidelines/OpenSSH for more information and references.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)