Date: Tue, 24 Sep 2024 19:16:04 +0000 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Colin Percival <cperciva@tarsnap.com> Cc: freebsd-arch@freebsd.org, Li-Wen Hsu <lwhsu@freebsd.org>, Ronald Klop <ronald@freebsd.org> Subject: Re: Deprecating RSA ssh host keys in 16 Message-ID: <wzyhp2k7fyvg6qxrkrs32uweiuijpv7f6sjjt2yuonob7py3gj@7f7xdqj72erk> In-Reply-To: <0100019225563885-e7f0aed8-cff8-4247-8bcd-861aed3e5cc7-000000@email.amazonses.com> References: <0100019225563885-e7f0aed8-cff8-4247-8bcd-861aed3e5cc7-000000@email.amazonses.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--dyfjfljtd52fzlwq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Sep 24, 2024 at 06:41:00PM UTC, Colin Percival wrote: > Hi all, >=20 > Last week I turned off RSA host key generation for SSH in EC2 instances, > because (a) modern SSH clients support ecdsa and ed25519 keys, and (b) > generating RSA host keys was taking over 10% of the boot time when EC2 > instances booted for the first time. >=20 > I don't think we should turn off RSA host key generation in general in > 15.x since for non-VM/cloud images the first boot time is less relevant > (if you're installing from an ISO image, the installer will take far > longer than the host key generation) but I think it would make sense to > deprecate RSA host keys in 15 and then turn them off by default in 16. >=20 > I'm not sure if there's any good way to announce the deprecation beyond > putting it into the release notes; we could print a warning in 15 when > RSA host keys are generated, but that will always fire regardless of > whether they're being *used* and I don't think there's any practical way > to warn specifically when RSA host keys are *used*. So unless I'm > missing something, the deprecation would just take the form of a few lines > in the release notes. >=20 > Thoughts? With commit e3f33c64ec168a48038309af0c237eda86d10c74[1], introduced on 14 Nov 2024, HardenedBSD has disabled the generation of RSA host keys by default. We haven't seen any reports of any breakage. While the change might be considered a POLA violation, it seems pretty harmless on today's 15-CURRENT systems. We have a number of 15-CURRENT users, though we don't have any hard data, and likely pales in comparison to the FreeBSD side--enough so that the sample is too small to be a significant or reliable data point. I have this commit taged as MFC-able, though I haven't MFC'd just yet. It completely spaced my mind and I'll likely MFC shortly after sending this email. [1]: https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/commit/e3f33c64e= c168a48038309af0c237eda86d10c74 Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --dyfjfljtd52fzlwq Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmbzD+0ACgkQ/y5nonf4 4frLBxAAh3O+J8tPSX5p3SuvoPop/XoXt6dBl0svZkQhLatAmT3DNoXSxwNLOBV7 8U6CBMRH8JT1f0aT7R0WCjdsZTT7Bw0n7/HdlLjgw3Y+Mdltdd74mSxWcXfMjNtQ 5a+01q8Bg46cPNL9YgdSJX3emOUY86eQ6bWpbuJUxobN3iVtuKUhMzSxi4U1yfX+ bJhegd+Nf+DA1QgKAd6S0V97pc8+wgr/dNpNgpH+NRcGvfD2s8Ae/Fnzljvfd3WQ vucPBKipRZlU5nzx/eeziEkgNQghQD5w+0CkGlA9lshhmhz7/C/AA+wHhqWbS6MC lfKKMry1TF0aQPy62SUprAqnIMCm2bhsNbDdXB6jz9vTTKc+Db+pg976Jjcv3Nwe wb7Yiv+NDM64hZrsgEeK1reyzxSlGiqEHqBll7bsPPIcyvJLC925GV0TZPzqB1Sa gFyC2lOiC8BJweYlqzrF41HzeHolZHon78M6ww8N+C/ovl6e7JRVg2n5M3e8Kova x06pqDZXpUBp6K/BqsBS1Wfe/Yf7eGuvgvk1TYrUp9tMoseTweIDWm3vyb/iKQ9g i+E8n6faq7JuR9GZl5hBWuNrpYIoB0CKUOaIO3WaUi+spyRKIJfrVDF/+PNntoi5 ls2bHnscUHIswVYnI3JRza997M2u7FYvNbzhG7cvWrMzHrEnRrg= =Qlbi -----END PGP SIGNATURE----- --dyfjfljtd52fzlwq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?wzyhp2k7fyvg6qxrkrs32uweiuijpv7f6sjjt2yuonob7py3gj>