From: Robert Simmons
To: freebsd-security@freebsd.org
Date: Sun, 24 Jun 2012 14:26:02 -0400
Subject: Re: Add rc.conf variables to control host key length
In-Reply-To: <20120624181543.GA3652@DataIX.net>
On Sun, Jun 24, 2012 at 2:15 PM, J. Hellenthal wrote:
> On Sun, Jun 24, 2012 at 01:26:21PM -0400, Robert Simmons wrote:
>> On Sun, Jun 24, 2012 at 12:59 PM, J. Hellenthal wrote:
>> > These are more than sufficient for any normal ssh use.
>>
>> I'm sorry if I sound rude, but I wanted to have a bit more of a
>> substantive discussion than quoting the man pages. Especially since
>> what you are quoting dates back to a change to
>> src/crypto/openssh/ssh-keygen.1 dated the following:
>> Sun Sep 11 16:50:35 2005 UTC (6 years, 9 months ago) by des
>>
>> Being that the old "considered sufficient" of 1024 was added at the
>> following revision date:
>> Thu Feb 24 14:29:46 2000 UTC (12 years, 4 months ago) by markm
>>
>
> There is nothing stopping you from changing a key after the system has
> booted, e.g. by using the rc script itself, if you feel it is not
> sufficient.

Almost. If you use /etc/rc.d/ssh keygen all you will get is the default
sizes again. If you apply the patches I've suggested earlier, this can be
used to change the keys to your liking. As I said, my patches don't change
the default, they just add knobs to rc.conf that allow /etc/rc.d/ssh keygen
to work as someone would want it to work if they want different key sizes.

> Given OpenBSD is usually always on the far safe side of things, taking
> the security approach before simplicity, I would extremely agree that it
> is more than sufficient.
>
> But then again what is good for the masses is not always good enough for
> the security paranoid, and giving credit to such is what keeps everyone
> safe.
>
> ( /usr/local/etc/rc.d/openssh keygen ) # regenerate your keys
>
> Which should generate a new set of keys, keeping you safe for another X
> amount of years.
>
> - or -
>
> ssh-keygen -t rsa -b [NNNN] -f /usr/local/etc/ssh/ssh_host_rsa_key

See above. I've included patches that simplify this.

> But the initial key being the default? It's sufficient to get you in and
> started on a remote system.
>
>> I would say that we are exactly due for a real discussion as to what
>> should be considered sufficient with regards to modern processors and
>> GPUs.
>
> Unfortunately I see that as a different thread: "Hardware potential to
> duplicate existing host keys... RSA DSA ECDSA"

I see it as related directly to why or why not 2048 is sufficient. Do you
have an argument for the 2048 default based on something more than
"OpenBSD does it"?
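As an added example (not the patch discussed in this thread, and not FreeBSD's rc.d code), the sketch below shows the two halves of what the discussion is about: an rc.conf-style knob (hypothetical name sshd_rsa_bits) that selects the size passed to ssh-keygen, falling back to an assumed default when unset, and an audit over constructed `ssh-keygen -l` output lines that flags RSA host keys below a chosen minimum length.

```shell
#!/bin/sh
# Added example; knob names and default sizes are assumptions, not the
# thread's patch. Part 1 builds the ssh-keygen invocation from a knob,
# part 2 audits existing host keys by their reported bit length.

# Build the keygen command for one key type. An empty $2 means "knob not
# set", so the assumed stock default is used (2048 for RSA, 256 for ECDSA).
keygen_cmd() {
    type="$1"; bits="$2"; file="$3"
    case "$type" in
        rsa)   [ -n "$bits" ] || bits=2048 ;;
        ecdsa) [ -n "$bits" ] || bits=256 ;;
        *) echo "unsupported key type: $type" >&2; return 1 ;;
    esac
    printf 'ssh-keygen -q -t %s -b %s -N "" -f %s\n' "$type" "$bits" "$file"
}

# Audit: read `ssh-keygen -l -f <key>` lines on stdin, formatted as
# "<bits> <fingerprint> <comment> (<TYPE>)", print every RSA key shorter
# than $1 bits prefixed with "weak: ", and return 1 if any was found.
audit_key_bits() {
    min="$1"
    awk -v min="$min" '
        $NF == "(RSA)" && $1+0 < min { print "weak: " $0; found=1 }
        END { exit found ? 1 : 0 }'
}

# Constructed sample lines, not output from a real host.
SAMPLE='1024 SHA256:AAAA root@host (RSA)
2048 SHA256:BBBB root@host (RSA)
256 SHA256:CCCC root@host (ECDSA)'

# Usage: the hypothetical knob unset gives the default size; set it in
# rc.conf (e.g. sshd_rsa_bits=4096) to get a larger host key.
keygen_cmd rsa "${sshd_rsa_bits:-}" /etc/ssh/ssh_host_rsa_key
printf '%s\n' "$SAMPLE" | audit_key_bits 2048 \
    || echo "at least one RSA host key is below 2048 bits"
```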