Add support for RFC 8308 Extension Negotiation

We should add support for [RFC8308](https://datatracker.ietf.org/doc/html/rfc8308) extension negotation, and primarily, the `server-sig-algs` extension.

Currently, we always try to authenticate RSA keys first with `ssh-rsa` (SHA-1) because otherwise certain servers are prone to misbehaving - see #1283 and related discussions. With the `server-sig-algs` extension implemented, we can know upfront which algorithms the server will accept and we can e.g. save a signature round-trip in the case that the server will not accept `ssh-rsa`.

There may be some more extensions worth supporting in https://github.com/openssh/openssh-portable/blob/master/PROTOCOL

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Add support for RFC 8308 Extension Negotiation #1481

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Add support for RFC 8308 Extension Negotiation #1481

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions