algorithm
Click on the red underlined text to get to the source
... key exchange methods, two user
authentication methods, and a new host key algorithm. These
definitions allow any GSS-API mechanism to be used with the Secure
Shell protocol ...
... GSS-API key exchange methods described in this section do
not require the use of public key signature or encryption algorithms,
they MAY be used with any host key algorithm, including the "null"
...
... public key signature or encryption algorithms,
they MAY be used with any host key algorithm, including the "null"
algorithm described in Section 5.
...
... they MAY be used with any host key algorithm, including the "null"
algorithm described in Section 5.
...
... these messages as a matter of policy.
This is implemented with the following messages. The hash algorithm
for computing the exchange hash is defined by the method ...
... used for any encryption operations, this message is OPTIONAL. If the
"null" host key algorithm described in Section 5 is used, this
message MUST NOT be sent. If this message is sent, the server public
host key(s) and/or certificate ...
... GSS-API-authenticated Diffie-Hellman key
exchange algorithm described in Section 2.1, including any future
methods that use different groups ...
... Null Host Key Algorithm ...
...
The "null" host key algorithm has no associated host key material and
provides neither signature ...
... host key material and
provides neither signature nor encryption algorithms. Thus, it can
be used only with key exchange methods that do not require any
...
... methods.
This algorithm is used when, as a matter of configuration, the host
does not have or does not wish to use a public key ...
... GSS-API mechanism. In such a
configuration, the server implementation supports the "ssh-dss" key
algorithm (as required by [SSH-TRANSPORT]), but could be prohibited
by configuration from using it. In this situation, the server needs
...
... SSH-TRANSPORT]), but could be prohibited
by configuration from using it. In this situation, the server needs
some key exchange algorithm to advertise; the "null" algorithm fills
this purpose.
...
... by configuration from using it. In this situation, the server needs
some key exchange algorithm to advertise; the "null" algorithm fills
this purpose.
...
... this purpose.
Note that the use of the "null" algorithm in this way means that the
server will not be able to interoperate with clients that do not
...
... server will not be able to interoperate with clients that do not
support this algorithm. This is not a significant problem, since in
the configuration described, it will also be unable to interoperate
with implementations that do not support the GSS-API-authenticated ...
... Any implementation supporting at least one key exchange method that
conforms to Section 2 MUST also support the "null" host key
algorithm. Servers MUST NOT advertise the "null" host key algorithm
unless it is the only algorithm ...
... key exchange method that
conforms to Section 2 MUST also support the "null" host key
algorithm. Servers MUST NOT advertise the "null" host key algorithm
unless it is the only algorithm advertised.
...
... host key
algorithm. Servers MUST NOT advertise the "null" host key algorithm
unless it is the only algorithm advertised.
...
... SPNEGO could result in the subversion of the negotiation
algorithm for key exchange methods as described in Section 7.1 of
[SSH-TRANSPORT ...
... [SSH-TRANSPORT] and/or the negotiation algorithm for user
authentication methods as described in [SSH-USERAUTH ...
... The SSH host public key algorithm name "null", to name the NULL
host key algorithm defined in Section 5.
...
... SSH host public key algorithm name "null", to name the NULL
host key algorithm defined in Section 5.
The SSH ...