[Bug 2793] New: DH Group Exchange Incorrect Fallback
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Oct 10 05:41:59 AEDT 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2793
Bug ID: 2793
Summary: DH Group Exchange Incorrect Fallback
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: jtesta at positronsecurity.com
Created attachment 3066
--> https://bugzilla.mindrot.org/attachment.cgi?id=3066&action=edit
Patch to remove the fallback mechanism.
(This issue was discussed in-depth on the openssh-unix-dev mailing list
here:
https://lists.mindrot.org/pipermail/openssh-unix-dev/2017-September/036217.html)
The Diffie-Hellman group exchange code has a fallback mechanism in case
a sufficient entry in /etc/ssh/moduli is not found. Unfortunately,
this mechanism directly disobeys what a sysadmin wants.
For example, if the sysadmin deletes all DH groups with moduli smaller
than 3072-bit, code will nevertheless return 2048-bit group14 (see
dh.c:441). The correct behavior would be to disconnect with the
client.
In fact, ALL cases where a sufficient group cannot be found in
/etc/ssh/moduli should result in a disconnect, as the admin has
indicated that *only* those listed in that file should be used. Hence,
the attached patch fully removes this fallback mechanism in order to
respect the admin's wishes.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list