Date:      Sun, 12 Sep 2021 10:40:49 -0400
From:      Karl Denninger <karl@denninger.net>
To:        freebsd-security@freebsd.org
Subject:   Re: Important note for future FreeBSD base system OpenSSH update
Message-ID:  <2bb56783-2727-9bea-7810-58969d91c00f@denninger.net>
In-Reply-To: <8169A4A8-B8D1-4265-87C8-74ED4D34FBC8@fasel.at>
References:  <CAPyFy2A390kS_C3g=Y9QhQcJ06z_FKUxXsNvi9g2CdWF24pukg@mail.gmail.com> <CAPyFy2B04b0GtWoHFQwxht5vK4_cnApPXpDLXU%2BRvcR=2L9YxA@mail.gmail.com> <CAPyFy2Aw8Z3ngiM8YHApjjPRLZVC5MCN8TRQkh6pj2fSeM1zqw@mail.gmail.com> <8169A4A8-B8D1-4265-87C8-74ED4D34FBC8@fasel.at>

On 9/12/2021 10:02, Markus Falb wrote:
>> On 09.09.2021, at 20:01, Ed Maste <emaste@freebsd.org> wrote:
>>
>> OpenSSH will disable the ssh-rsa signature scheme by default in the
>> next release.
>>
>> ...
>>
>> To check whether a server is using the weak ssh-rsa public key
>> algorithm, for host authentication, try to connect to it after
>> removing the ssh-rsa algorithm from ssh(1)'s allowed list:
>>
>>     ssh -oHostKeyAlgorithms=-ssh-rsa user@host
> FWIW, some of us may already have dealt with that.
> FIPS enabled RedHat Enterprise Linux (and probably other FIPS enabled
> systems) means effectively no ssh-rsa signature available in the sshd.
> I had that situation at the beginning of the year.
>
> As mentioned, ssh-rsa signature algorithm will stop working, but
> that does not automatically imply that every RSA key must be
> changed to something other. The signature algorithm is not a
> property that is inherent to the key.
>
> That said, existing RSA keys were working fine for me (my openssh
> client was rsa-sha2-256 and rsa-sha2-512 capable) but when I tested
> with some popular Windows clients (FileZilla, PuTTY) it failed
> (apparently no rsa-sha2 algorithms available).
>
> I found it interesting that mentioned clients were ecdsa
> capable but did not support sha2 signatures with RSA keys.
> Maybe the situation changed in the meantime for the better.
>
> There are 3 scenarios:
>
> 1. both sides support rsa-sha2 signatures -> RSA keys still working
>
> 2. one side does not support sha2 signatures but does support other
> key types -> you can change key type
>
> 3. one side does not support sha2 and no other key type -> you lose
>
> A prominent candidate for 3. would be Cisco IOS

This has come up before with web browsers and is a serious PITA when 
there is no override available for those who need it on a targeted, 
specific basis.

I have in the field a BUNCH of "smart" rack power strips that have this 
problem; their management firmware does NOT support more-modern cipher 
sets and SSL requirements.  I get it, those older SSL versions are 
insecure and we know it.  But when the browser people all decided to 
kill the ability to connect to such servers with no override (that is, 
don't warn, DENY with no option to get around it) all of a sudden 
logging into those strips to change (for example) the name of a socket, 
the alarm limits and similar became literally impossible.  Contacting 
the manufacturer resulted in a middle finger back; "nope, we're not 
releasing new firmware for that."  I've seen the same thing with some 
older OOB management interfaces on server boards; they won't take an 
acceptably-long (by modern standards) HTTPS server key, and thus, same 
problem and same answer from the manufacturer.  These are 
perfectly-serviceable devices in their application and quite-expensive 
to replace when there's nothing wrong with them. On the server boards by 
now they've all been retired as people decided the better power budget 
and performance levels made changing them (and re-purchasing the RAM 
that went on them, which for larger servers is a non-trivial part of the 
total expense) a reasonable proposition.  This of course is not true for 
a smart power strip in the rack and makes both monitoring of energy and 
remote-hard-power-cycle available without a physical site visit or 
remote hands.

In the case of the power strips the "answer" was one of the prepackaged, 
self-contained old "portable" versions of Firefox which complains but 
the alert can be clicked through.  I recognize that exposing those 
devices to the Internet is unsafe but have never trusted that anyway; 
they're behind a gateway box with no port hole punch and if I'm VPN'd in 
then it's not possible for a random person to screw with it.

It would be sad indeed if the only answer here is "load up a partition 
with an older copy of FreeBSD on some device and use that."  Can we 
avoid that being the answer, as it became with the browser issues?

-- 
Karl Denninger
karl@denninger.net <mailto:karl@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
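
The three scenarios listed in the quoted message can be checked per device before an upgrade. The following is an added example, not part of the original thread or of OpenSSH: it reads the host key algorithm lists both sides advertise in `ssh -vv` debug output and reports which scenario applies to host authentication. The sample log is constructed, and the function names are hypothetical.

```python
import re

# Signature algorithm names grouped by hash; *-cert-v01 are certificate variants.
RSA_SHA2 = {"rsa-sha2-256", "rsa-sha2-512",
            "rsa-sha2-256-cert-v01@openssh.com",
            "rsa-sha2-512-cert-v01@openssh.com"}
RSA_SHA1 = {"ssh-rsa", "ssh-rsa-cert-v01@openssh.com"}

# Constructed sample of `ssh -vv user@host` debug output (not from a real host):
# a current client talking to an old device that only offers ssh-rsa.
SAMPLE_LOG = """\
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa
"""

def host_key_algorithms(log):
    """Return {'client': set, 'server': set} of advertised host key algorithms."""
    sides = {"client": set(), "server": set()}
    side = None
    for line in log.splitlines():
        m = re.search(r"debug2: (local client|peer server) KEXINIT proposal", line)
        if m:
            side = "client" if m.group(1) == "local client" else "server"
            continue
        m = re.search(r"debug2: host key algorithms: (\S+)", line)
        if m and side:
            sides[side] = set(m.group(1).split(","))
    return sides

def classify(client, server):
    """Map the two algorithm sets onto scenarios 1-3 from the message above."""
    common = client & server
    if common & RSA_SHA2:
        return 1   # both sides do rsa-sha2: existing RSA keys keep working
    if common - RSA_SHA1:
        return 2   # no rsa-sha2 in common, but another key type is shared
    return 3       # only SHA-1 RSA (or nothing) in common: no way to connect

if __name__ == "__main__":
    algos = host_key_algorithms(SAMPLE_LOG)
    print("scenario", classify(algos["client"], algos["server"]))
```
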


Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2bb56783-2727-9bea-7810-58969d91c00f>