x/crypto/ssh: allow to configure public key authentication algorithms on the server side #61244

Closed
@drakkan

Currently supportedPubKeyAuthAlgos is hard-coded and contains all supported public key authentication algorithms.

Algorithms and signature formats not included in that list are not accepted by our server implementation.

I propose to make it configurable to allow disabling the weaker algorithms, for example ssh-dss or ssh-rsa.

A simple implementation would be to add them to the ServerConfig struct:

// ServerConfig holds server specific configuration data.
type ServerConfig struct {
	// Config contains configuration shared between client and server.
	Config

	// PublicKeyAuthAlgorithms specifies the supported client public key
	// authentication algorithms. Note that this should not include certificate
	// types since those use the underlying algorithm. This list is sent to the
	// client if it supports the server-sig-algs extension. Order is irrelevant.
	// If unspecified then a default set of algorithms is used.
	PublicKeyAuthAlgorithms []string
	// ...
}

This is consistent with the way we currently allow customizing KeyExchanges, Ciphers and MACs.

An alternative to consider is to add a callback to the ServerConfig struct, for example:

// ServerConfig holds server specific configuration data.
type ServerConfig struct {
	// ...

	PublicKeyAuthAlgorithmsCallback func(ConnMetadata) []string
	// ...
}

This would allow for more flexibility, for example allowing algorithms based on the client version, but if we are to go this route we should probably allow the same for KeyExchanges, Ciphers and MACs as well, and it is probably better to think about something more generic using a single callback for all the customizable algorithms.
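
A stand-alone model of the allowlist semantics proposed above, added here as an illustration and not taken from x/crypto/ssh or from the issue author. It shows the default fallback, certificate algorithm names resolving to their underlying algorithm, and the list that would be advertised via server-sig-algs; the function names and the contents of `defaultAlgos` are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// defaultAlgos is a constructed stand-in for the hard-coded list the issue describes.
var defaultAlgos = []string{"ssh-ed25519", "ecdsa-sha2-nistp256", "rsa-sha2-512", "rsa-sha2-256", "ssh-rsa", "ssh-dss"}

// underlyingAlgo (hypothetical helper) maps a certificate algorithm name to the
// algorithm it signs with, so certificate types stay out of the allowlist.
func underlyingAlgo(algo string) string {
	base := strings.TrimSuffix(algo, "-cert-v01@openssh.com")
	if base != algo && strings.HasPrefix(base, "sk-") {
		return base + "@openssh.com" // sk-* key names carry the OpenSSH domain
	}
	return base
}

// effectiveAlgos falls back to the default set when the list is unspecified.
func effectiveAlgos(configured []string) []string {
	if len(configured) == 0 {
		return defaultAlgos
	}
	return configured
}

// acceptsAlgo reports whether a public key auth request using algo is allowed.
func acceptsAlgo(configured []string, algo string) bool {
	want := underlyingAlgo(algo)
	for _, a := range effectiveAlgos(configured) {
		if a == want {
			return true
		}
	}
	return false
}

// serverSigAlgs builds the value advertised in the server-sig-algs extension.
func serverSigAlgs(configured []string) string {
	return strings.Join(effectiveAlgos(configured), ",")
}

func main() {
	hardened := []string{"ssh-ed25519", "rsa-sha2-512", "rsa-sha2-256"} // ssh-rsa, ssh-dss dropped
	fmt.Println("server-sig-algs:", serverSigAlgs(hardened))
	for _, algo := range []string{"ssh-rsa", "rsa-sha2-256", "ssh-rsa-cert-v01@openssh.com"} {
		fmt.Println(algo, acceptsAlgo(nil, algo), acceptsAlgo(hardened, algo))
	}
}
```

Dropping `ssh-rsa` from the list also rejects `ssh-rsa-cert-v01@openssh.com`, while an RSA key can still authenticate with `rsa-sha2-256` or `rsa-sha2-512`.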
