[Bug 3779] New: SHA1 deprecation
bugzilla-daemon at mindrot.org
Tue Jan 21 00:13:03 AEDT 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3779
Bug ID: 3779
Summary: SHA1 deprecation
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: shaheena.kazi at gmail.com
Created attachment 3853
--> https://bugzilla.mindrot.org/attachment.cgi?id=3853&action=edit
ssh_vvv
Package - OPENSSH
I am using Debian 10 with the openssh version as OpenSSH_8.4p1
Debian-2~bpo10+1. I have taken the package provided by Debian.
I have a question: is SHA1 still being supported on the openssh
connections? I have done an ssh -vv user@<IP ADDRESS>, which shows some
traces for ssh-rsa.
So, I just wanted to understand if SHA1 is still being supported.
Output of the ssh -vv user@<IP ADDRESS> command:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[xxxxxxxxxxx] ➤ ssh -vv user@domain.com
OpenSSH_7.5p1, OpenSSL 1.0.2o 27 Mar 2018
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 13: Deprecated option "useroaming"
debug2: resolving "domain.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to domain.com [IP Address] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1 Debian-2~bpo10+1
debug1: match: OpenSSH_8.4p1 Debian-2~bpo10+1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to domain.com:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-dss,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,arcfour,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,arcfour,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-sha1-96,hmac-md5-96,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-ripemd160@openssh.com
debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-sha1-96,hmac-md5-96,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-ripemd160@openssh.com
debug2: compression ctos: zlib@openssh.com,zlib,none
debug2: compression stoc: zlib@openssh.com,zlib,none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: zlib@openssh.com
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: zlib@openssh.com
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:hj6ZXuQx1fgBnElFPyYeig2xiLXop0G/7e5dOtshG1k
debug1: Host 'domain.com' is known and matches the RSA host key.
debug1: Found key in /home/mobaxterm/.ssh/known_hosts:3
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /home/mobaxterm/.ssh/id_rsa (0x0)
debug2: key: /home/mobaxterm/.ssh/id_dsa (0x0)
debug2: key: /home/mobaxterm/.ssh/id_ecdsa (0x0)
debug2: key: /home/mobaxterm/.ssh/id_ed25519 (0x0)
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/mobaxterm/.ssh/id_rsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_dsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ecdsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
debug2: we sent a password packet, wait for reply
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (password).
Authenticated to Domain.com ([IP Address]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: exec
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug2: callback start
debug2: x11_get_proto: /bin/xauth list 127.0.0.1:0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 1
debug1: Requesting authentication agent forwarding.
debug2: channel 0: request auth-agent-req@openssh.com confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 100 id 0
X11 forwarding request failed on channel 0
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Linux XXXXXXXXXXX 4.19.304generic #1 SMP Mon Jan 15 05:59:02 UTC 2024 x86_64
Last login: Thu Jan 16 14:18:26 2025 from <IP Address>
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I wanted to understand if the below debug logs from the above ssh -vv
command correspond to SHA1:
1) debug1: kex: host key algorithm: ssh-rsa
2) debug1: Server host key: ssh-rsa SHA256:hj6ZXuQx1fgBnElFPyYeig2xiLXop0G/7e5dOtshG1k
3) debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
Also, using this command: ssh -o HostKeyAlgorithms=+ssh-rsa
<hostname>, I am allowed to log in to the machine using OpenSSH_8.4p1
Debian-2~bpo10+1.
Similarly, on a Debian 12 machine where we have OpenSSH_9.2p1
Debian-2+deb12u4, OpenSSL 3.0.15 3 Sep 2024, if I run ssh -o
HostKeyAlgorithms=+ssh-rsa <hostname>, I am able to log in.
I had added HostKeyAlgorithms -ssh-rsa in the ssh config files, but
SHA1 is still being accepted.
Please suggest if this is what is expected or is my machine vulnerable
to SHA1.
Please suggest if we are missing out on something.
Thanks,
Shaheena K
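
An added example, not part of the original report and not OpenSSH code: one way to check an ssh -vv trace for SHA-1 based algorithms, separating what was negotiated for the session from what the server only offered. The function names and the sample (lines taken from the log above, unwrapped, with "@" in the algorithm names) are assumptions of this example.

```python
import re

# Names whose signature hash is SHA-1 although "sha1" is not in the name
# (RFC 4253 ssh-rsa and ssh-dss, plus their OpenSSH certificate variants).
SHA1_SIGNATURES = {
    "ssh-rsa", "ssh-dss",
    "ssh-rsa-cert-v01@openssh.com", "ssh-dss-cert-v01@openssh.com",
}

# Constructed sample: lines from the report's log, one message per line.
SAMPLE = """\
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: zlib@openssh.com
debug1: Server host key: ssh-rsa SHA256:hj6ZXuQx1fgBnElFPyYeig2xiLXop0G/7e5dOtshG1k
"""

def uses_sha1(name):
    """True if the algorithm name denotes a SHA-1 based signature, KEX or MAC."""
    return name in SHA1_SIGNATURES or "-sha1" in name

def audit(log):
    """Return (negotiated, offered): SHA-1 algorithms selected for the session,
    and SHA-1 algorithms the server only listed in its KEXINIT proposal."""
    negotiated, offered, in_server = {}, {}, False
    for line in log.splitlines():
        if "KEXINIT proposal" in line:
            in_server = "peer server" in line
        m = re.match(r"debug1: kex: (algorithm|host key algorithm): (\S+)", line)
        if m and uses_sha1(m.group(2)):
            negotiated[m.group(1)] = m.group(2)
        m = re.search(r"debug1: kex: (\S+) cipher: \S+ MAC: (\S+)", line)
        if m and uses_sha1(m.group(2)):
            negotiated[m.group(1) + " MAC"] = m.group(2)
        m = re.match(r"debug2: (KEX algorithms|host key algorithms|MACs \w+): (\S+)", line)
        if m and in_server:
            bad = [a for a in m.group(2).split(",") if uses_sha1(a)]
            if bad:
                offered[m.group(1)] = bad
    # "Server host key: ssh-rsa SHA256:..." is deliberately not matched: it gives
    # the key type and the fingerprint hash, not the signature algorithm.
    return negotiated, offered

if __name__ == "__main__":
    print(audit(SAMPLE))
```

On this trace the only SHA-1 item is ssh-rsa, both as the negotiated host key algorithm and in the server's offer; the 7.5p1 client's own host key proposal lists no rsa-sha2-256 or rsa-sha2-512.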