Differences
This shows you the differences between the selected revisions of the page.
| 2011-11-12 | 2012-01-05 | ||
| sshbug_maxpkt2 anchor (martin) | bug 577 (martin) | ||
| Line 35: | Line 35: | ||
| This is an SSH-1-specific bug. | This is an SSH-1-specific bug. | ||
| + | |||
| + | ===== Chokes on SSH-2 ignore messages ===== | ||
| + | |||
| + | &future_feature | ||
| + | |||
| + | An ignore message (''SSH_MSG_IGNORE'') is a message in the SSH protocol which can be sent from the client to the server, or from the server to the client, at any time. Either side is required to ignore the message whenever it receives it. WinSCP uses ignore messages in SSH-2 to confuse the encrypted data stream and make it harder to cryptanalyse. It also uses ignore messages for [[ui_login_connection#keepalives|connection keepalives]]. | ||
| + | |||
| + | If it believes the server to have this bug, WinSCP will stop using ignore messages. If this bug is enabled when talking to a correct server, the session will succeed, but keepalives will not work and the session might be less cryptographically secure than it could be. | ||
| ===== Miscomputes SSH-2 HMAC keys ===== | ===== Miscomputes SSH-2 HMAC keys ===== | ||