touch-packages team mailing list archive

Thread
Date

[Bug 1499392] Re: OpenSSH Security and SHA1

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Seth Arnold <1499392@xxxxxxxxxxxxxxxxxx>
Date: Mon, 05 Oct 2015 19:02:52 -0000
Reply-to: Bug 1499392 <1499392@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Thank you Colin, that's great news.

I think we should have a discussion about which algorithms to deprecate,
when, for the whole distribution. I'd like a consistent approach to when
we stop supporting md5/sha-1/rc4 etc. Of course different protocols may
have different threat models so it may not be appropriate to apply a
single blanket rule for any algorithm, but supporting 16.04 LTS in 2021
makes me think that we ought to be willing to cut the algorithms known
to be weak today.

OpenSSH's choices for e.g. 7.1 will probably make a lot of sense for
today but may make less sense in five years, when we're still supporting
7.1 but they've moved on. Other upstreams may not be as reliable as
OpenSSH, either, and second guessing their choices may make more sense.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1499392

Title:
  OpenSSH Security and SHA1

Status in openssh package in Ubuntu:
  Confirmed

Bug description:
  We should enhance Security by disabling SHA1 or, if not possible
  (older Clients) by changing the KexAlgorithms, Ciphers and MACs order.

  For e.g. by :

  1. If we add Support for older Clients we should change this:

  #### OpenSSH Security ####

  KexAlgorithms curve25519-sha256@xxxxxxxxxx,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
  Ciphers chacha20-poly1305@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,aes128-gcm@xxxxxxxxxxx,aes256-ctr,aes192-ctr,aes128-ctr
  MACs hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-ripemd160-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@xxxxxxxxxxx

  2.  If we just Support new Clients we should change this :

  [...]
  HostKey /etc/ssh/ssh_host_rsa_key
  HostKey /etc/ssh/ssh_host_ed25519_key
  [...]

  #### OpenSSH Security ####

  KexAlgorithms curve25519-sha256@xxxxxxxxxx,diffie-hellman-group-exchange-sha256
  Ciphers chacha20-poly1305@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,aes128-gcm@xxxxxxxxxxx,aes256-ctr,aes192-ctr,aes128-ctr
  MACs hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-ripemd160-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@xxxxxxxxxxx

  For more Information about my report go here:

  https://github.com/scaleway/image-ubuntu/pull/35

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1499392/+subscriptions

Follow ups

Re: [Bug 1499392] Re: OpenSSH Security and SHA1
From: Colin Watson, 2015-10-05