- Servers that do not implement RFC 4252 correctly may lead to stack overflow (issue #306).
Section 5.1 of the aforementioned RFC states the following on SSH_MSG_USERAUTH_FAILURE response:
The value of 'partial success' MUST be TRUE if the authentication request to which this is a response was successful. It MUST be FALSE if the request was not successfully processed.
Some SSH servers set 'partial success' to TRUE even if the authentication request was not processed successfully, and do not update the name-list to remove the method name that failed.
SSH.NET has now been updated only attempt authentication 5 times for a method that was considered partially successful.
If this limit is reached for a given method name, and no other authentication method is available, a SshAuthenticationException with message "Reached authentication attempt limit for method (<method name>)" will be thrown.
- Key exchange is slow when size of group is more than 1024 bit (issue #304 and #130).
As part of the key exchange, SSH.NET sends a SSH_MSG_KEY_DH_GEX_REQUEST with a 1024 bit minimum and preferred group size, and 8192 bit maximum group size.
Before this fix, we would generate a private exponent that matches the size of the safe prime generated by the server. In some cases this meant using a 8192 bit private component to generate the client exchange value, which is a CPU intensive operation.
As from this fix, we generate a private exponent that is twice the hash size with a minimum of 1024 bit.