[Info-vax] modern ssh on the old stack (VSI) versus new VSI stack (documentation)
gérard Calliet
gerard.calliet at pia-sofer.fr
Wed Mar 25 13:02:19 EDT 2020
Hello,
Because I think you have a lot of time at home now, I have a question.
With VSI tcpip new stack, I have a lot of information in the SPD about
what can be done with ssh, for example:
"""SSH functionality has been extended to include the following:
• Diffie-Hellman-group14-sha256 (RFC 4250). This addition improves
security of the key exchange by using a hash with more bits.
• Elliptic curve Diffie-Hellman (ECDH) key agreement [RFC 5656]. Curves
are: nistp256, nistp384, nistp521. The curve chosen will be sufficient
to support the hash for the host keys involved. For example:
  o If the host key is ECDSA-nistp521, only the curve nistp521 will be
    available.
  o If the host key is ECDSA-nistp384, the curves nistp384 and nistp521
    will be available.
  o If the host key is ECDSA-nistp256, the curves nistp256, nistp384 and
    nistp521 will be available.
• Elliptic curve digital signature algorithm (ECDSA) [RFC 5656]. Public
keys are written in a format close to what is used by OpenSSH; OpenSSH
public keys can be read as-is. The "Subject" and "Comment" lines in the
key may need to be removed to make the keys readable by OpenSSH. ECDSA
supports curves nistp256, nistp384, nistp521.
..... """
I cannot find something precise like that for the last versions of the
old tcpip stack delivered by VSI, including all good ECOs.
It is important for me to know about that to be able to determine if the
last versions of tcpip/ssh on the old stack (for Itanium and for Alpha)
are reasonably usable in the modern world, before being able to use the
new stack. Another reason behind that is knowing if it is worth it to go to
VSI and tcpip (old stack) only to have more functionalities on ssh.
Take care
Gérard Calliet
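
Added example, not part of the original post or of VSI's documentation: one way to see what an SSH implementation really offers is to read the name-lists in the SSH_MSG_KEXINIT packet it sends (RFC 4253, section 7.1) and compare them with the features named in the SPD excerpt above. The wire names in SPD_KEX and SPD_HOSTKEY are the RFC 5656 and RFC 8268 names assumed to correspond to those features, and the sample payload is constructed, not captured from either TCP/IP stack.

```python
import struct

SSH_MSG_KEXINIT = 20
FIELDS = ["kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]
# Assumed wire names for the features listed in the SPD excerpt.
SPD_KEX = {"diffie-hellman-group14-sha256", "ecdh-sha2-nistp256",
           "ecdh-sha2-nistp384", "ecdh-sha2-nistp521"}
SPD_HOSTKEY = {"ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def parse_kexinit(payload):
    """Return the ten name-lists of a KEXINIT payload, in FIELDS order, as a dict."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    pos, out = 17, {}  # skip message type (1 byte) and cookie (16 bytes)
    for name in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        out[name] = raw.split(",") if raw else []
        pos += n
    return out

def report(payload):
    """Split offered kex and host-key names into SPD-listed and other."""
    lists = parse_kexinit(payload)
    result = {}
    for field, wanted in (("kex", SPD_KEX), ("hostkey", SPD_HOSTKEY)):
        result[field + "_listed"] = [a for a in lists[field] if a in wanted]
        result[field + "_other"] = [a for a in lists[field] if a not in wanted]
    return result

def build_kexinit(kex, hostkey):
    """Build a constructed sample payload; the other eight lists are empty."""
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)
    for names in [kex, hostkey] + [[]] * 8:
        data = ",".join(names).encode("ascii")
        body += struct.pack(">I", len(data)) + data
    return body + b"\x00" + struct.pack(">I", 0)

# Constructed sample, not captured from any real TCP/IP stack.
SAMPLE = build_kexinit(
    ["ecdh-sha2-nistp256", "diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1"],
    ["ecdsa-sha2-nistp256", "ssh-rsa"])
```

Calling `report(SAMPLE)` returns the offered names split into those matching the SPD list and everything else; the same function works on a KEXINIT payload taken from a packet capture of the server under test.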