AES256-CTR support in Publish over SSH and JSch dependency Plugins

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

AES256-CTR support in Publish over SSH and JSch dependency Plugins

chief.vitalstatix
The SSH client in the Publish over SSH plugin which uses Jsch Dependency plugin only supports the following Ciphers: Ciphers: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
OpenSSH 7.* is disabling cbc modes of the ciphers and also not offering CBC ciphers by default. 
https://www.openssh.com/releasenotes.html
 * ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST
   ciphers.
 * ssh(1): do not offer CBC ciphers by default.

It now enables the following ciphers by default: aes192-ctr and aes256-ctr. 
What are the plans to support these (aes192-ctr and aes256-ctr) ciphers in these plugins?

Thanks.!

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/a2cf59e2-afe7-440b-b76b-34005d542826%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: AES256-CTR support in Publish over SSH and JSch dependency Plugins

chief.vitalstatix
Just to add, all products are at their latest versions:
Jenkins: 2.121
JSch dependency plugin
Jenkins plugin that brings the JSch library as a plugin dependency, and provides an SSHAuthenticatorFactory for using JSch with the ssh-credentials plugin.
0.1.54.2

Publish Over SSH
Send build artifacts over SSH
1.19.1

There isn't an issue queue on the plugin developers github pages, so hoping someone sees it over here.

Thanks!


On Wednesday, May 9, 2018 at 7:47:21 PM UTC-7, [hidden email] wrote:
The SSH client in the Publish over SSH plugin which uses Jsch Dependency plugin only supports the following Ciphers: Ciphers: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
OpenSSH 7.* is disabling cbc modes of the ciphers and also not offering CBC ciphers by default. 
<a href="https://www.openssh.com/releasenotes.html" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.openssh.com%2Freleasenotes.html\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEt5HG9ff7fWwS-Ppp_-8jZ2wrJzg&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.openssh.com%2Freleasenotes.html\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEt5HG9ff7fWwS-Ppp_-8jZ2wrJzg&#39;;return true;">https://www.openssh.com/releasenotes.html
 * ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST
   ciphers.
 * ssh(1): do not offer CBC ciphers by default.

It now enables the following ciphers by default: aes192-ctr and aes256-ctr. 
What are the plans to support these (aes192-ctr and aes256-ctr) ciphers in these plugins?

Thanks.!

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/d2fae78d-6aa5-4635-bb6b-ae02d7f34076%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.