Hello,

I would like to get back to the fingerprint validation. No problem with adding properties to ServerFactoryManager; I can create a JIRA issue for that and write the code.

When the code is ready, should I just send it to you? (I am not a MINA committer.)

Regards,

Pawel

2014-10-16 23:35 GMT+02:00 Guillaume Nodet <gno...@apache.org>:
> I'm quite reluctant to add code which is completely unused.
> I think it should be possible to modify the DHGEX class to leverage that code if a boolean property is set on the ServerFactoryManager.
> Something like MODULI_CHECK_FINGERPRINT and also a MODULI_FINGERPRINT_SALT and MODULI_FINGERPRINT_URL maybe.
> If the first one is true, then use the code you pasted below to actually verify the fingerprints, else simply ignore it.
>
> If you're willing to work on that, please create a JIRA issue.
>
> 2014-10-15 16:53 GMT+02:00 Pawel Sm7 <pawel....@gmail.com>:
>
>> Hello,
>>
>> My plan would be not to change Mina SSHD existing classes, but give people using Mina SSHD a new class to use fingerprints if needed.
>>
>> It could be used e.g.:
>>
>> In org.apache.sshd.server.kex.DHGEX:
>>
>>     private DH chooseDH(int min, int prf, int max) throws Exception {
>>         ModuliFingerprint mf = new ModuliFingerprint();
>>         mf.setSalt(.....);
>>
>>         try {
>>             mf.checkModuliFingerprint(MODULI_FILE, MODULI_FINGERPRINT);
>>         } catch (Exception e) {
>>             throw e;
>>         }
>>         ......
>>
>> Here if moduli was tampered with, the fingerprints do not match and an exception is generated. SSHD is not started.
>>
>> Earlier you need to generate the fingerprint for the existing moduli file using the createModuliFingerprint() method.
>>
>> I didn't want to update Mina SSHD existing classes because everyone who wants to use fingerprints needs to generate their own secret salt using the setSalt() method as in the example above. It has to be secret, so I did not want to force existing SSHD classes to use fingerprints.
>>
>> Please let me know your opinion.
>>
>> Regards,
>>
>> Pawel
>>
>> 2014-10-13 17:52 GMT+02:00 Guillaume Nodet <gno...@apache.org>:
>>> How do you plan to change sshd to use this class?
>>>
>>> 2014-10-13 17:07 GMT+02:00 Pawel Sm7 <pawel....@gmail.com>:
>>>
>>>> Hello,
>>>>
>>>> Please find attached a proposal of moduli fingerprint functionality.
>>>>
>>>> Please let me know if you have any comments and if you plan to add this functionality to Apache Mina SSHD.
>>>>
>>>> Regards,
>>>>
>>>> Pawel
>>>>
>>>> 2014-04-30 16:36 GMT+02:00 Pawel Sm7 <pawel....@gmail.com>:
>>>>> Hello,
>>>>>
>>>>> I have 3 issues I would like to discuss.
>>>>>
>>>>> 1. Handling error scenarios if Prime cannot be found.
>>>>> Mina does not support fallback to a weaker Diffie-Hellman algorithm if Prime cannot be found.
>>>>>
>>>>> The failure approach of fall-thru to a weaker Diffie-Hellman algorithm, e.g. Group14 (embedded within the Code) if Prime cannot be found, either due to MODULI File Access Errors or Prime Not Found in the File, is the typical approach of most SSH Server Implementations.
>>>>> OpenSSH follows this paradigm. Also it would help in communications robustness.
>>>>> It would be also nice to have a log event when the fallback happens.
>>>>> Do you agree that this is an issue? When could it be implemented?
>>>>>
>>>>> 2. Moduli file integrity handling.
>>>>> Could you create e.g. a SHA-256 hash fingerprint of the moduli file contents, store it somewhere and add validation of the moduli file using the fingerprint.
>>>>> This way we can deal with unauthorized tampering of the moduli file. It is a potential security issue.
>>>>>
>>>>> 3. Moduli file generator
>>>>> Is there a roadmap to add a moduli generator so that there's full support for group exchange generation and usage within Mina?
>>>>> e.g. Primes could be regenerated also when the moduli file is corrupted.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Pawel
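The thread above talks about a salted SHA-256 fingerprint of the moduli file, checked from chooseDH() and gated by a boolean property. The class below is an added illustration of that idea, written for this page; it is not the attached proposal nor any Apache MINA SSHD code. The class name, the `enabled` flag (standing in for a MODULI_CHECK_FINGERPRINT style property), and the moduli line in main() are all constructed for the example. The "salt" is applied as an HMAC-SHA256 key rather than by concatenating it with the file bytes, which is the standard way to build a keyed fingerprint; that construction is this example's choice, not something the thread specifies.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical helper, not part of Apache MINA SSHD. Keying the SHA-256
// fingerprint with a secret salt (HMAC-SHA256) means someone who can rewrite
// the moduli file cannot also recompute a fingerprint that will match.
public final class ModuliFingerprintExample {

    private static final String HMAC_ALG = "HmacSHA256";

    private final byte[] salt;      // secret, supplied by the deployer
    private final boolean enabled;  // mirrors a MODULI_CHECK_FINGERPRINT style switch

    public ModuliFingerprintExample(byte[] salt, boolean enabled) {
        if (enabled && (salt == null || salt.length < 16)) {
            throw new IllegalArgumentException("salt must be at least 16 bytes when checking is enabled");
        }
        this.salt = salt == null ? new byte[0] : salt.clone();
        this.enabled = enabled;
    }

    /** Keyed SHA-256 fingerprint of the whole file contents, as lowercase hex. */
    public String createModuliFingerprint(Path moduliFile) throws IOException, GeneralSecurityException {
        byte[] contents = Files.readAllBytes(moduliFile);
        Mac mac = Mac.getInstance(HMAC_ALG);
        mac.init(new SecretKeySpec(salt, HMAC_ALG));
        return toHex(mac.doFinal(contents));
    }

    /**
     * Verifies the file against a previously stored fingerprint. Returns true when
     * checking is disabled (the file is used unchecked, as today) or when the
     * fingerprint matches; throws when the file no longer matches.
     */
    public boolean checkModuliFingerprint(Path moduliFile, String expectedHex)
            throws IOException, GeneralSecurityException {
        if (!enabled) {
            return true;
        }
        byte[] actual = hexToBytes(createModuliFingerprint(moduliFile));
        byte[] expected = hexToBytes(expectedHex);
        // Constant-time comparison so the check does not leak how many bytes matched.
        if (!MessageDigest.isEqual(actual, expected)) {
            throw new GeneralSecurityException("moduli fingerprint mismatch for " + moduliFile);
        }
        return true;
    }

    private static String toHex(byte[] data) {
        StringBuilder sb = new StringBuilder(data.length * 2);
        for (byte b : data) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    private static byte[] hexToBytes(String hex) {
        if (hex.length() % 2 != 0) {
            throw new IllegalArgumentException("odd-length hex fingerprint");
        }
        byte[] out = new byte[hex.length() / 2];
        for (int i = 0; i < out.length; i++) {
            out[i] = (byte) Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    // Demonstration: fingerprint a constructed moduli-style line, then alter the file.
    public static void main(String[] args) throws Exception {
        byte[] salt = "example-secret-salt-keep-me-private".getBytes(StandardCharsets.UTF_8);
        Path moduli = Files.createTempFile("moduli", ".txt");
        try {
            // Constructed sample in the OpenSSH moduli column layout
            // (time type tests trials size generator modulus); the modulus is NOT a real prime.
            Files.write(moduli, "20141013120000 2 6 100 1023 2 F1A2B3C4D5E6F7A8\n".getBytes(StandardCharsets.US_ASCII));

            ModuliFingerprintExample mf = new ModuliFingerprintExample(salt, true);
            String stored = mf.createModuliFingerprint(moduli);   // done once by the deployer
            System.out.println("stored fingerprint: " + stored);
            mf.checkModuliFingerprint(moduli, stored);             // untouched file passes
            System.out.println("untouched file: OK");

            // Change one field (the generator) and re-check.
            Files.write(moduli, "20141013120000 2 6 100 1023 5 F1A2B3C4D5E6F7A8\n".getBytes(StandardCharsets.US_ASCII));
            try {
                mf.checkModuliFingerprint(moduli, stored);
                System.out.println("BUG: altered file was accepted");
            } catch (GeneralSecurityException e) {
                System.out.println("altered file rejected: " + e.getMessage());
            }

            // With the property switched off the same file is accepted without inspection.
            ModuliFingerprintExample off = new ModuliFingerprintExample(null, false);
            System.out.println("check disabled, accepted: " + off.checkModuliFingerprint(moduli, stored));
        } finally {
            Files.deleteIfExists(moduli);
        }
    }
}
```

The check only adds assurance if the salt and the stored fingerprint live somewhere the moduli file's writer cannot reach (a separate configuration source, which is what a MODULI_FINGERPRINT_URL style property would point at); if all three sit in the same writable directory, whoever edits the moduli file can regenerate the fingerprint too. Wiring it into chooseDH() as the thread proposes, the throw stops the server from starting with a modified file, and a log line at that point gives operators the signal Pawel asked for in his first message.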