Date: Fri, 11 Apr 2025 02:23:45 +0000
From: Brooks Davis
To: "Bjoern A. Zeeb"
Cc: Ed Maste, freebsd-security@freebsd.org
Subject: Re: Heads-up: DSA key support being removed from OpenSSH
List-Id: Security issues
List-Archive: https://lists.freebsd.org/archives/freebsd-security

On Thu, Apr 10, 2025 at 10:24:49PM +0000, Bjoern A. Zeeb wrote:
> On Thu, 10 Apr 2025, Ed Maste wrote:
>
> > On Wed, 19 Mar 2025 at 17:21, Jan Bramkamp wrote:
> > >
> > > As long as it's "only" a compile-time option away for FreeBSD to enable
> > > this flawed cipher I would like to have it compiled in by default so it
> > > doesn't require installing SSH from ports to connect to some stupid old
> > > router/switch/UPS/whatever over SSH. As long as it won't negotiate that
> > > cipher with the default configuration that's safe enough for my needs.
> > >
> > > TL;DR: Please keep it enabled at compile-time, but configured
> > > disabled. FreeBSD shouldn't require recompiling the base system to
> > > connect to older embedded devices.
> >
> > It's a compile-time option in 9.9 and earlier. As of 10.0 the
> > configure infrastructure has been removed but the source hasn't yet
> > been deleted. I expect that will happen soon though.
> >
> > We'll keep DSA available, at least in stable branches, as long as it's
> > reasonably convenient and safe to do so, but won't patch it back in
> > once the source is removed.
>
> Is there any chance to keep an openssh (client) port (possibly with known
> security risks)?

It seems like it would be reasonable to keep a copy of the 9.8 client
around more or less indefinitely. Ideally tracking whatever fixes the
longest-lived, open Linux LTS is applying. Similarly we have an
openssl-unsafe for connecting to old gear.

I may be mistaken, but I believe security/putty's upstream takes the
maximum compatibility approach. If I'm correct, people may want to
switch to it for these needs.

For a security/openssh98 or similar we might want to do something
similar to the change I'm proposing in CheriBSD-ports where we want to
package software with known vulnerabilities (e.g., webp with BLASTPASS)
for the purpose of making security demos but make a concerted effort
to make it hard to install.
I probably wouldn't go as far as the linked USES=vulnerable
implementation does, but perhaps it will serve as inspiration. A
USES=obsolete:crypto that adds a known prefix and a knob to disable all
such ports seems pretty plausible.

https://github.com/CTSRD-CHERI/cheribsd-ports/pull/201/commits/3fdf8922f3f416770b265fd35f05c680ed6e00c2

-- Brooks