Date:      Sun, 30 Jan 2022 21:13:16 -0500
From:      "Garance A Drosehn" <drosih@rpi.edu>
To:        freebsd-stable@freebsd.org
Subject:   SSHD, diffie-hellman-group1-sha1 , and FreeBSD 13-stable
Message-ID:  <C755168A-A95D-47A2-9C9B-410FB9E56FDF@rpi.edu>



I recently built a new server running freebsd-13-stable, and ran into an 
unexpected problem.  It may be that there is no reasonable fix for this 
problem, but I thought I'd ask in case I'm missing something simple.

This new server is replacing an older server which was last updated in 
February 2021.  The original server needs to accept ssh connections 
coming from some servers which are painfully ancient.  Years ago OpenSSH 
disabled support for the key-exchange algorithm named 
diffie-hellman-group1-sha1 in the default configuration.  Unfortunately 
my server needs to accept connections from systems so old that they 
don't support any of the newer Kex algorithms.  In my older build of 
this server, I handled this need by adding the line:

    KexAlgorithms +diffie-hellman-group1-sha1

in /etc/ssh/sshd_config, and that worked fine.

In the newer system that config line flags an error:

    -# /usr/sbin/sshd -f /etc/ssh/sshd_config4 -t
    /etc/ssh/sshd_config4: line 156: Bad configuration option: KexAlgorithm
    /etc/ssh/sshd_config4: terminating, 1 bad configuration options

(It's "sshd_config4" instead of "sshd_config" because I have this in a 
copy of 'sshd' running on a separate port from the standard 'sshd'.  
This allows me to strictly limit which hosts are allowed to even try to 
use diffie-hellman-group1-sha1).

So far I'm not even sure which component is rejecting the option.  I 
notice, for instance, that the option is still available and works when 
specified on an 'ssh' command.  This command works fine:

    -# ssh -4e none -oKexAlgorithms=+diffie-hellman-group1-sha1 \
           -oCiphers=aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc \
           me@sad.ancient.server.rpi.edu

(that command will succeed at logging into the ancient server, while 
'ssh' cannot log in to the ancient server unless I add those two 
-Options).

Based on some searches of the web and mailing lists, I tried an 
experiment of adding the line:

    WITH_OPENSSL_KTLS=yes

to the file /etc/src.conf.  I then did a 'make cleanworld ; make 
buildworld'.  The build and install worked fine, but sshd still won't 
accept the option for kex diffie-hellman-group1-sha1.  Perhaps I have 
the wrong name for that build-option, or I set it to the wrong value?  
Or is there some option that I have to specify in the kernel-config 
file?

It will be okay with me if this was an explicit decision to remove all 
support for the option in favor of better security, but I'm not finding 
anything to suggest that this change was intentional.  I can't even tell 
when it happened, except to say that it was sometime between Feb 2021 
and this past weekend.  It might even be that this is a side-effect of 
building a new system from scratch?  My older server was originally 
built as freebsd-9-stable, and had been upgraded many times until it got 
to 13-stable.  Who knows what cruft is lurking around on it!

In any case, if there is some easy way for me to enable the option for 
incoming 'sshd' connections, that would be very nice.

-- 
Garance Alistair Drosehn                =     drosih@rpi.edu
Lead Developer @rpi                   and    gad@FreeBSD.org
Rensselaer Polytechnic Institute;             Troy, NY;  USA
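The set-up described in the message above (a second sshd on its own port that is the only listener allowed to offer diffie-hellman-group1-sha1, checked with `sshd -t` before it is started) as an added worked example. This is not code from the message or from FreeBSD; the port 2222, the client address 192.0.2.10 and the account "legacyuser" are made-up values for the illustration. One caveat worth knowing: `KexAlgorithms` and `Ciphers` are global keywords that sshd_config(5) does not permit inside a `Match` block, so a separate instance with its own config file is the right way to scope the weak key exchange rather than adding it to the main sshd_config. The keyword lint reproduces what `sshd -t` prints ("Bad configuration option: <word>", with the word copied verbatim from the file), which is the same message a misspelled keyword such as "KexAlgorithm" produces; it says nothing about why a given build rejects an option that is spelled correctly.

```shell
#!/bin/sh
# Added example, not code from the original message or from FreeBSD:
# write a dedicated sshd_config for a legacy-only sshd instance, lint the
# keyword spellings the way `sshd -t` reports them, then let the real
# parser have the final say when sshd is installed.
#
# Assumptions (hypothetical): the legacy listener is port 2222, the one
# ancient client is 192.0.2.10 and it logs in as "legacyuser".
LEGACY_PORT=2222
LEGACY_CLIENT=192.0.2.10
LEGACY_USER=legacyuser

# KexAlgorithms and Ciphers cannot appear inside a Match block, so the
# weak kex is confined by giving it a separate instance: its own config,
# its own port and its own pid file, leaving the main sshd untouched.
write_legacy_config() {
    cat > "$1" <<EOF
Port $LEGACY_PORT
PidFile /var/run/sshd-legacy.pid
# 1024-bit group with SHA-1: enabled only on this listener.
KexAlgorithms +diffie-hellman-group1-sha1
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
# Only the expected account from the one old host may authenticate.
AllowUsers $LEGACY_USER@$LEGACY_CLIENT
PasswordAuthentication no
PermitRootLogin no
EOF
}

# sshd -t prints "Bad configuration option: <word>" with the keyword
# copied verbatim from the file, so a typo looks exactly like an
# unsupported option. Compare the first token of every directive
# (keywords are case-insensitive) against the keywords this config is
# meant to use and emit the same message. Returns 0 when all are known.
check_keywords() {
    cfg=$1
    known="port pidfile kexalgorithms ciphers allowusers passwordauthentication permitrootlogin listenaddress"
    bad=0
    while IFS= read -r line; do
        tok=$(printf '%s\n' "$line" | awk '{print $1}')
        case "$tok" in ''|'#'*) continue ;; esac
        kw=$(printf '%s\n' "$tok" | tr 'A-Z' 'a-z')
        found=0
        for k in $known; do
            if [ "$k" = "$kw" ]; then found=1; break; fi
        done
        if [ "$found" -eq 0 ]; then
            printf '%s: Bad configuration option: %s\n' "$cfg" "$tok" >&2
            bad=$((bad + 1))
        fi
    done < "$cfg"
    [ "$bad" -eq 0 ]
}

# Final check with the real parser, when available. `sshd -t` does not
# need the instance to be running, but it does need readable host keys.
validate_with_sshd() {
    if command -v sshd >/dev/null 2>&1; then
        sshd -t -f "$1"
    else
        echo "sshd not found; skipping sshd -t" >&2
    fi
}

# Demonstration run on a temporary file (constructed; nothing is installed).
demo_cfg=$(mktemp)
write_legacy_config "$demo_cfg"
check_keywords "$demo_cfg" && echo "keyword lint passed: $demo_cfg"
validate_with_sshd "$demo_cfg"
rm -f "$demo_cfg"
```

To use it for a real instance, write the config somewhere such as /etc/ssh/sshd_config4, run `check_keywords` on it, then `sshd -t -f` it and start the second sshd with `-f` pointing at that file; a firewall rule limiting the extra port to the old client completes the "only these hosts may even try" part, which the config alone cannot enforce before authentication.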

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C755168A-A95D-47A2-9C9B-410FB9E56FDF>