Strict key exchange support: false --

RUB-NDS / Terrapin-Scanner

This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

https://terrapin-attack.com

Apache License 2.0

931 stars 62 forks source link

Strict key exchange support: false -- #15

Closed mamoona-aslam closed 8 months ago

mamoona-aslam commented 8 months ago

As noticed in the main.go code

const KexStrictIndicatorClient = "kex-strict-c-v00@openssh.com"
const KexStrictIndicatorServer = "kex-strict-s-v00@openssh.com"

Shouldnt kex-strict-s-v00@openssh.com be curve25519-sha256?

Because as the scanner is ran, following is the output

As the same issue was highlighted in ssh-audit issue.

Can this be fixed?

TrueSkrillor commented 8 months ago

No, kex-strict-s-v00@openssh.com is the indicator used to signal the support for the strict key exchange countermeasure and is unrelated to curve25519-sha256. The ssh-audit issue that you linked also got that wrong. The quote there confuses the last sentence of section 1.8 of the OpenSSH PROTOCOL file (describing curve25519-sha256@openssh.com) with the beginning of section 1.9 (released as 1.10; describing strict key exchange). Those are not related.

It seems like you are scanning a Debian host with OpenSSH. As of now, Debian has not yet released OpenSSH updates targeting CVE-2023-48795 in any release other than sid. See here.