Closed perkelix closed 6 months ago
I just checked the default for OpenSSH v8.8:
$ ./ssh-audit.py 10.x.x.x:2222
# general
(gen) banner: SSH-2.0-OpenSSH_8.8
(gen) software: OpenSSH 8.8
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2020.79+
(gen) compression: enabled (zlib@openssh.com)
# key exchange algorithms
(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
`- [info] default key exchange from OpenSSH 6.4 to 8.9
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62
`- [info] default key exchange from OpenSSH 6.4 to 8.9
Inspecting the source code, it appears that curve25519-sha256@libssh.org
was the default from 6.5 to 7.2 (see https://github.com/openssh/openssh-portable/blob/V_6_5_P1/myproposal.h#L72), and curve25519-sha256
was the default from 7.4 to 8.9 (see https://github.com/openssh/openssh-portable/blob/V_7_4_P1/myproposal.h#L88).
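One way to catch this class of reporting error mechanically, as an added example that is not part of ssh-audit or of this report: parse the "(kex)" lines and their "`- [info] default key exchange" continuation lines, then flag any algorithm whose claimed default range begins before the version that introduced it. The sample text below is constructed to mirror the output quoted above; the function and field names are my own.

```python
import re

# Constructed sample in the shape of the ssh-audit output quoted in the report.
SAMPLE_OUTPUT = """\
(kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
`- [info] default key exchange from OpenSSH 6.4 to 8.9
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62
`- [info] default key exchange from OpenSSH 6.4 to 8.9
"""

# "(kex) <name> -- [level] available since OpenSSH <major>.<minor>, ..."
KEX_LINE = re.compile(
    r'^\(kex\) (\S+) -- \[\w+\] available since OpenSSH (\d+)\.(\d+)')
# "`- [info] default key exchange from OpenSSH <from> to <to>"
DEFAULT_LINE = re.compile(
    r'^`- \[\w+\] default key exchange from OpenSSH (\d+)\.(\d+) to (\d+)\.(\d+)')


def parse_kex(text):
    """Return one dict per kex algorithm: name, available_since, default_range.

    Versions are (major, minor) tuples so they compare numerically
    (e.g. (7, 10) > (7, 4)). default_range is None when no note is present.
    """
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = KEX_LINE.match(line)
        if m:
            entries.append({
                'name': m.group(1),
                'available_since': (int(m.group(2)), int(m.group(3))),
                'default_range': None,
            })
            continue
        m = DEFAULT_LINE.match(line)
        if m and entries:
            # Continuation lines belong to the most recent (kex) entry.
            entries[-1]['default_range'] = (
                (int(m.group(1)), int(m.group(2))),
                (int(m.group(3)), int(m.group(4))),
            )
    return entries


def find_inconsistencies(entries):
    """Names of algorithms reported as default before OpenSSH shipped them."""
    flagged = []
    for e in entries:
        rng = e['default_range']
        if rng is not None and rng[0] < e['available_since']:
            flagged.append(e['name'])
    return flagged


if __name__ == '__main__':
    for name in find_inconsistencies(parse_kex(SAMPLE_OUTPUT)):
        print(f'{name}: default range starts before the algorithm existed')
```

Run against the constructed sample, only curve25519-sha256 is flagged: it is listed as available since 7.4 but as the default from 6.4, which is exactly the contradiction described above. The @libssh.org variant passes because its default range starts at the version it was introduced.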
Done.
Checking out up to commit 7b3402b20731a7d1e916f5a13052aadbccbae4f3 I notice that curve25519-sha256 is incorrectly marked as having been the default from 6.4 to 8.9, which is incorrect. The @libssh.org version was. The official one wasn't.
Anyhow, the above commit breaks the standard that had been used until now to only mention what is the current default and since which version.