Replies: 1 comment
LPC ssh was intentionally limited from the start, and serves as an answer to the question "what is a sort-of secure way in which you can connect to a DGD mud using a command-line tool, and also copy files back and forth?" Ssh is a lot better than telnet in this regard. Unfortunately, DGD had a bug at the time (now fixed) which prevented ssh from working.
I recently attempted to get LPCSSH working. I learned a few lessons and I do not recommend others do the same at this point. Let me explain.
I hadn't thought about the fact that LPCSSH is not using OpenSSH. Rather, it is reimplementing one algorithm worth of OpenSSH for each major area of functionality (key exchange, hostkey, cipher). And those algorithms are implemented simply, in a way that doesn't 100% expand to, e.g. modern keypair sizes, and are no longer allowed by default in SSH because they're too small to be secure.
While I didn't get it 100% working, the mostly-working client command line starts with this:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss -c 3des-cbc
That's... not a good start, in several important ways. It would make more sense, if one wanted decent security, to require that users connect over an https-protocol websocket via a tunnel or something similar.
(In any case, few users would want a command line so awful and obscure that they'd need to treat it like a unique one-off client for your game anyway.)
I think that's a REALLY good reason NOT to implement websockets in DGD. Even if the websocket protocol itself was fine and easy, one WOULD NOT WANT to support a full HTTPS implementation in DGD. Using somebody else's is a much better idea.
SSH, HTTPS and websockets all share the problem that the user-side client gets pretty regular updates, and so you'd need to do continuous work to keep supporting new protocols or our users would all have to start going through contortions to be allowed to connect :-/
I've said several times you can "use somebody else's." How? The easiest way would be to write a little Node.js server that sits in the middle, between DGD and the browsers and SSH connections of the world. Then it could accept SSH and/or HTTPS websocket connections, and forward them unencrypted to DGD on the same local machine. Basically, DGD would become the back-end service for an SSH and/or websocket server that ran on Node.js. You can see a fairly similar thing in the tunnel that Skotos used for its games' web clients: https://github.com/ChatTheatre/websocket-to-tcp-tunnel
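An added example, not part of the original post or of LPCSSH: a small Python audit that parses an ssh client command line and reports where it enables the three algorithms the post's command line had to turn back on. The legacy set is limited to those three names from the post, and the host name `mud.example.org` is a constructed placeholder.

```python
import shlex

# Legacy set: only the three algorithms the post's command line re-enables.
LEGACY = {
    "kexalgorithms": {"diffie-hellman-group1-sha1"},
    "hostkeyalgorithms": {"ssh-dss"},
    "ciphers": {"3des-cbc"},
}

# Constructed sample: the post's options plus a placeholder host name.
POST_CMD = ("ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 "
            "-oHostKeyAlgorithms=+ssh-dss -c 3des-cbc mud.example.org")


def _options(argv):
    """Yield (lowercased option name, value) for each -o and -c in an ssh argv."""
    i = 1  # argv[0] is the ssh binary itself
    while i < len(argv):
        arg = argv[i]
        if arg in ("-o", "-c") and i + 1 < len(argv):
            flag, spec, i = arg, argv[i + 1], i + 2
        elif arg[:2] in ("-o", "-c") and len(arg) > 2:
            flag, spec, i = arg[:2], arg[2:], i + 1
        else:
            i += 1
            continue
        if flag == "-c":  # -c takes the same list syntax as the Ciphers option
            yield "ciphers", spec
        else:  # ssh accepts both "Key=Value" and "Key Value"
            key, _, value = spec.replace("=", " ", 1).partition(" ")
            yield key.lower(), value.strip()


def audit(command):
    """Return sorted (option, algorithm) pairs where a legacy algorithm is enabled."""
    findings = set()
    for key, value in _options(shlex.split(command)):
        if key not in LEGACY or value.startswith("-"):
            continue  # a leading "-" removes algorithms from the default set
        # "+" appends to the defaults, "^" prepends, no prefix replaces them:
        # in all three cases every listed algorithm ends up enabled.
        names = {n.strip() for n in value.lstrip("+^").split(",")}
        findings.update((key, n) for n in names & LEGACY[key])
    return sorted(findings)


if __name__ == "__main__":
    for option, algorithm in audit(POST_CMD):
        print(f"legacy algorithm enabled: {option} -> {algorithm}")
```

Running the same function over wrapper scripts or shell history shows which users have had to weaken their client to reach a given server.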