Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re: Net::SFTP::Foreign Cipher check

by salva (Canon)
on Apr 02, 2019 at 07:34 UTC ( [id://1231986]=note: print w/replies, xml ) Need Help??


in reply to Net::SFTP::Foreign Cipher check

As you are using the Net::SSH2 backend, you should check what libssh2 supports: 
Key Exchange Methods: diffie-hellman-group1-sha1, diffie-hellman-group
+14-sha1, diffie-hellman-group-exchange-sha1,
                      diffie-hellman-group-exchange-sha256
Hostkey Types: ssh-rsa, ssh-dss
Ciphers: aes256-ctr, aes192-ctr, aes128-ctr, aes256-cbc (rijndael-cbc@
+lysator.liu.se), aes192-cbc, aes128-cbc,
         3des-cbc, blowfish-cbc, cast128-cbc, arcfour, arcfour128, non
+e

[download]

You should also ensure that you are using a recent version of the library. Probably 1.8.2 which was released some days ago and incorporates several important security fixes.

In any case, you should probably check yourself if it works for your particular configuration as libssh2 is quite buggy.

Replies are listed 'Best First'.
Re^2: Net::SFTP::Foreign Cipher check
by sofysr (Novice) on Apr 02, 2019 at 14:55 UTC
    Hi Salva,

    Thank you. I have 1.7.0 version of the libssh2 library. I checked the "crypt.c" file in the library folder and found the below code in it. Does this mean that it supports these ciphers: 

    static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = {
#if LIBSSH2_AES_CTR
  &libssh2_crypt_method_aes128_ctr,
  &libssh2_crypt_method_aes192_ctr,
  &libssh2_crypt_method_aes256_ctr,
#endif /* LIBSSH2_AES */
#if LIBSSH2_AES
    &libssh2_crypt_method_aes256_cbc,
    &libssh2_crypt_method_rijndael_cbc_lysator_liu_se,  /* == aes256-c
+bc */
    &libssh2_crypt_method_aes192_cbc,
    &libssh2_crypt_method_aes128_cbc,
#endif /* LIBSSH2_AES */
#if LIBSSH2_BLOWFISH
    &libssh2_crypt_method_blowfish_cbc,
#endif /* LIBSSH2_BLOWFISH */
#if LIBSSH2_RC4
    &libssh2_crypt_method_arcfour128,
    &libssh2_crypt_method_arcfour,
#endif /* LIBSSH2_RC4 */
#if LIBSSH2_CAST
    &libssh2_crypt_method_cast128_cbc,
#endif /* LIBSSH2_CAST */
#if LIBSSH2_3DES
    &libssh2_crypt_method_3des_cbc,
#endif /*  LIBSSH2_DES */
#ifdef LIBSSH2_CRYPT_NONE
    &libssh2_crypt_method_none,
#endif
    NULL
};

    [download]

    Thanks.
[reply]
[d/l]
      Well, probably, though it depends of all those #if blocks in the code you have pasted.

      There is only one way to know for sure, and it is trying!

[reply]
[d/l]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1231986]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others avoiding work at the Monastery: (4)
As of 2024-04-25 16:21 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found