Openssh-6.6p1 doesn't seem to rekey on the server end


Hello,

(Note: this is fixed in openssh-7.2p2.)

I was checking that openssh's sshd respected the "RekeyLimit" setting and
noticed that it did not seem to respect the setting for blocks (i.e.
RekeyLimit 1K would not rekey).

I examined this a bit and realized that the issue seems to be in
monitor.c:monitor_apply_keystate where set_newkeys is called before
packet_set_rekey_limits. Since set_newkeys requires packet_set_rekey_limits
to set the max blocks value, it results in the requested limits never being
set.

This is OpenSSH-6.6p1 with patches from Fedora. The patches don't seem to
affect this issue.

This is also fixed in OpenSSH-7.2p2. I thought it was worth bringing up
since I didn't see in any release notes when it got fixed and it was a bit
of a head-scratcher.

Cheers,

Ethan
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
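
Added example, not part of the original post and not OpenSSH source: a simplified C model of the ordering dependency the message describes, where the rekey threshold is derived when keys are installed and a limit recorded afterwards is never applied. All names, the 16-byte block size and the 2^32-block default are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not OpenSSH code: every name here is hypothetical. */
struct session {
    uint64_t rekey_limit;  /* configured limit in bytes, 0 = not set */
    uint64_t max_blocks;   /* threshold cached when keys are installed */
    uint64_t blocks;       /* cipher blocks sent under the current key */
    unsigned rekeys;       /* number of rekeys triggered so far */
};

enum { BLOCK_SIZE = 16 };                       /* assumed cipher block size */
#define DEFAULT_MAX_BLOCKS ((uint64_t)1 << 32)  /* assumed built-in ceiling */

/* Models the "set limits" step: it only records the configured value. */
static void set_rekey_limit(struct session *s, uint64_t bytes) {
    s->rekey_limit = bytes;
}

/* Models the "install keys" step: the threshold is derived from whatever
 * limit is recorded at this moment, then cached until the next rekey. */
static void install_keys(struct session *s) {
    s->max_blocks = DEFAULT_MAX_BLOCKS;
    if (s->rekey_limit && s->rekey_limit / BLOCK_SIZE < s->max_blocks)
        s->max_blocks = s->rekey_limit / BLOCK_SIZE;
    s->blocks = 0;
}

/* Send `bytes` of traffic in 256-byte packets and return the rekey count.
 * limit_first = 0 models the order described in the post (keys, then limit);
 * limit_first = 1 models the corrected order (limit, then keys). */
static unsigned simulate(int limit_first, uint64_t limit, uint64_t bytes) {
    struct session s = {0};
    if (limit_first) { set_rekey_limit(&s, limit); install_keys(&s); }
    else             { install_keys(&s); set_rekey_limit(&s, limit); }
    for (uint64_t sent = 0; sent < bytes; sent += 256) {
        s.blocks += 256 / BLOCK_SIZE;
        if (s.blocks >= s.max_blocks) {  /* rekey check after each packet */
            install_keys(&s);
            s.rekeys++;
        }
    }
    return s.rekeys;
}

int main(void) {
    printf("keys then limit: %u rekeys\n", simulate(0, 1024, 1 << 20));
    printf("limit then keys: %u rekeys\n", simulate(1, 1024, 1 << 20));
    return 0;
}
```

In this model, 1 MiB of traffic with a 1K limit never triggers a rekey in the keys-then-limit order, while the limit-then-keys order rekeys every four packets.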


