SSH decryption encrypted packet - possible?
I'm trying to find information on whether it is possible to decrypt encrypted traffic: Key Exchange (method:diffie-hellman-group-exchange-sha256), but when looking everywhere I see contradictory information. There is a key selection field in protocols > ssh, will this allow packets to be decrypted? My setup is a QNX server <-> laptop, I have access to both devices and I am trying to analyze the communication. I only have ssh_host_rsa_key from the QNX server, I don't have a shared secret yet, and I don't know how to calculate it yet, but the question is whether it makes sense to look for it?
Is it possible to use ssh dissector to decrypt traffic?
877: Draft: Improving ssh decryption and dissection
16054: Add SSH decryption support
Thank you, I've seen these posts and plenty of others. Two of them show that it is "IN PROGRESS" and #877 shows that it has already been done. Where can I find more technical documentation on how to use it?
I haven't found a working sample with keys.
Info here on getting "shared secret": 10403: SSHv2: Add support for reading shared secret from keylog file
I think it depends on the SSL library used. In tests with the MS blessed OpenSSH (see here), the LibreSSL library is used, which AFAICT does not support SSHKEYLOGFILE. Other versions of SSH may use a different library, e.g. OpenSSL, which should support key extraction.