SHA-512-256 is also available via the higher-level interface crypto_hash().
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-512 compression: none [preauth]
debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-512 compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
client public key 25519:
debug3: receive packet: type 30 [preauth]
0000: 08 55 d5 7d b8 ea 43 56 f0 18 15 d8 49 fe 00 91 .U.}..CV....I...
0016: 2d 3c 25 dc 79 96 ee 19 12 cc 49 74 1d 2b dc 42 -<%.y.....It.+.B
shared secret
0000: ba 25 3d c6 b1 87 8f a1 5b 18 3d 70 ed b9 22 57 .%=.....[.=p.."W
0016: 88 f1 ad de 25 7c 6f 42 46 8b fc db 56 80 8f 60 ....%|oBF...V..`
server public key 25519:
0000: fd d8 09 04 33 09 06 b0 b0 58 e2 9f 39 c7 97 f3 ....3....X..9...
0016: 32 99 c0 d9 a5 74 57 f1 46 47 45 7d 2a 2a 03 60 2....tW.FGE}**.`
encoded shared secret:
0000: 00 00 00 21 00 ba 25 3d c6 b1 87 8f a1 5b 18 3d ...!..%=.....[.=
0016: 70 ed b9 22 57 88 f1 ad de 25 7c 6f 42 46 8b fc p.."W....%|oBF..
0032: db 56 80 8f 60 .V..`
debug3: mm_sshkey_sign entering [preauth]
ecdh = ::X25519::Scalar.generate
to_hex(ecdh.public_key.to_bytes) => "8 55 d5 7d b8 ea 43 56 f0 18 15 d8 49 fe 0 91 2d 3c 25 dc 79 96 ee 19 12 cc 49 74 1d 2b dc 42"
to_hex(result[:server_ecdh_pubkey]) => "fd d8 9 4 33 9 6 b0 b0 58 e2 9f 39 c7 97 f3 32 99 c0 d9 a5 74 57 f1 46 47 45 7d 2a 2a 3 60"
pk = ::X25519::Scalar.new(result[:server_ecdh_pubkey]).public_key
to_hex(ecdh.diffie_hellman(pk).to_bytes) => "b6 e3 ec 89 65 d1 67 a0 ea d2 da f1 aa 80 f 3e 31 6c 0 b3 53 50 8e 78 c9 be 6f eb c6 a0 11 1e"
ecdh.diffie_hellman(pk)
I don't have the same result as OpenSSH
Replace:
pk = ::X25519::Scalar.new(result[:server_ecdh_pubkey]).public_key
with
pk = ::X25519::MontgomeryU.new(result[:server_ecdh_pubkey])
Net::SSH
that's something I can look into
ed25519 gem doesn’t support them (nor do many other Ed25519 libraries)
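Added example, not code from the thread or from the x25519 gem: a pure-Ruby RFC 7748 X25519 that shows why wrapping the peer's public key in a Scalar (and deriving its public key) gives a different shared secret than treating it as a Montgomery u-coordinate, as in the fix suggested above, together with the SSH mpint encoding that appears in the log as "encoded shared secret". The function names are hypothetical, the keys are the RFC 7748 section 6.1 test vectors, and the arithmetic is not constant-time.

```ruby
# Added illustration: pure-Ruby X25519 (RFC 7748). Not constant-time; do not use in production.
P = 2**255 - 19
BASE = ([9] + [0] * 31).pack("C*") # u = 9, the curve25519 base point

def le_to_i(s)
  s.unpack("C*").reverse.inject(0) { |n, b| (n << 8) | b }
end

# Montgomery ladder: clamp the scalar, multiply the u-coordinate, return 32 bytes.
def x25519(scalar, u)
  k = scalar.unpack("C*")
  k[0] &= 248
  k[31] = (k[31] & 127) | 64
  k = le_to_i(k.pack("C*"))
  x1 = le_to_i(u) & ((1 << 255) - 1)
  x2, z2, x3, z3 = 1, 0, x1, 1
  254.downto(0) do |t|
    swap = (k[t] == 1)
    x2, z2, x3, z3 = x3, z3, x2, z2 if swap
    a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
    aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
    e = (aa - bb) % P
    x3, z3 = (da + cb)**2 % P, x1 * (da - cb)**2 % P
    x2, z2 = aa * bb % P, e * (aa + 121_665 * e) % P
    x2, z2, x3, z3 = x3, z3, x2, z2 if swap
  end
  out = x2 * z2.pow(P - 2, P) % P
  Array.new(32) { |i| (out >> (8 * i)) & 0xff }.pack("C*")
end

# The bug from the thread, modelled: the peer's public key is used as a *private*
# scalar and its public key is derived, so the DH runs against the wrong point.
def buggy_shared_secret(my_secret, peer_public)
  x25519(my_secret, x25519(peer_public, BASE))
end

# SSH mpint: minimal big-endian bytes, 0x00 prefix when the top bit is set, 4-byte length.
def ssh_mpint(raw)
  body = raw.b.sub(/\A\x00+/n, "")
  body = "\x00".b + body if body.getbyte(0).to_i >= 0x80
  [body.bytesize].pack("N") + body
end

# RFC 7748 section 6.1 test vectors (public values, not taken from the page).
ALICE_SK = ["77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a"].pack("H*")
BOB_PK   = ["de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f"].pack("H*")
puts "u-coordinate (correct): #{x25519(ALICE_SK, BOB_PK).unpack1('H*')}"
puts "scalar (buggy):         #{buggy_shared_secret(ALICE_SK, BOB_PK).unpack1('H*')}"
puts "mpint of correct K:     #{ssh_mpint(x25519(ALICE_SK, BOB_PK)).unpack1('H*')}"
```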