d51cc248e7
ci / test (push) Has been cancelled
ci / fuzz-smoke (push) Has been cancelled
ci / package-release (linux-x86_64, ubuntu-latest) (push) Has been cancelled
ci / package-release (macos-aarch64, macos-14) (push) Has been cancelled
ci / package-release (macos-x86_64, macos-13) (push) Has been cancelled
ci / package-release (windows-x86_64, windows-latest) (push) Has been cancelled
ci / remote-bench (push) Has been cancelled
2.6 KiB
2.6 KiB
Dosh Native v1 Audit Packet
This is the handoff checklist for an external security review.
Scope
Review the security properties of Dosh native v1:
- Native UDP authentication and key exchange
- Host key trust and known-host mismatch behavior
- Authorized key parsing and policy enforcement
- Transport encryption, replay protection, rekeying, resume, and stale packet handling
- Attach ticket sealing/opening
- TCP forwarding and agent forwarding authorization boundaries
- Parser robustness for untrusted wire/config data
Primary files:
src/native.rssrc/protocol.rssrc/auth.rssrc/ssh_agent.rssrc/bin/dosh-client.rssrc/bin/dosh-server.rssrc/config.rstests/parser_robustness.rstests/protocol_auth.rstests/hostile_network.rstests/integration_smoke.rsfuzz/fuzz_targets/*
Primary docs:
docs/NATIVE_V1_SPEC.mddocs/THREAT_MODEL.mddocs/PROTOCOL_VERSIONING.mddocs/PUBLIC_READINESS.mddocs/RELEASE_EVIDENCE_2026-06-20.md
Required Reviewer Questions
- Is the native handshake transcript complete enough to bind client/server keys, requested session, mode, env, and forwarding permissions?
- Are host-key trust transitions fail-closed, especially unknown vs mismatch vs explicit TOFU?
- Are authorized-key options parsed conservatively enough, and are unsupported options rejected safely?
- Can replayed, reordered, delayed, stale, or cross-epoch packets affect terminal input or forwarded streams more than once?
- Does key rotation preserve confidentiality without creating split-brain epoch states?
- Do attach tickets create any bearer-token replay or privilege-extension issue?
- Can UDP endpoint migration be abused for hijack or reflection?
- Are local/remote/dynamic TCP forwarding and agent forwarding gated correctly by client opt-in, server config, and authorized-key options?
- Are parser and packet-size limits sufficient against malicious inputs?
- Are there any unsafe assumptions in process/session persistence or holder adoption?
Current Local Evidence
As of 2026-06-20:
cargo test:153 passed, 1 ignoredmake soak-local: passed 30-minute sleep/roaming soakmake fuzz-smoke: passed all configured fuzz targets for 20s eachmake bench-docker-mosh: passed SSH, ControlMaster, native, cached, and Mosh comparison gates
Explicit Non-Claims Before Audit
- No claim of generic SSH protocol replacement.
- No claim of full Mosh compatibility.
- No claim that native v1 is externally audited.
- No claim that Windows server support is production-ready.