[openssh-commits] [openssh] 02/06: upstream commit
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Aug 23 14:33:44 AEST 2016
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit ffe6549c2f7a999cc5264b873a60322e91862581
Author: naddy at openbsd.org <naddy at openbsd.org>
Date: Mon Aug 15 12:32:04 2016 +0000
upstream commit
Catch up with the SSH1 code removal and delete all
mention of protocol 1 particularities, key files and formats, command line
options, and configuration keywords from the server documentation and
examples. ok jmc@
Upstream-ID: 850328854675b4b6a0d4a90f0b4a9dd9ca4e905f
---
sshd.8 | 108 +++++++++++++---------------------------------------------
sshd_config | 17 ++-------
sshd_config.5 | 72 +++------------------------------------
3 files changed, 29 insertions(+), 168 deletions(-)
diff --git a/sshd.8 b/sshd.8
index 6c521f2..148a8b9 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.284 2016/02/17 07:38:19 jmc Exp $
-.Dd $Mdocdate: February 17 2016 $
+.\" $OpenBSD: sshd.8,v 1.285 2016/08/15 12:32:04 naddy Exp $
+.Dd $Mdocdate: August 15 2016 $
.Dt SSHD 8
.Os
.Sh NAME
@@ -44,14 +44,12 @@
.Nm sshd
.Bk -words
.Op Fl 46DdeiqTt
-.Op Fl b Ar bits
.Op Fl C Ar connection_spec
.Op Fl c Ar host_certificate_file
.Op Fl E Ar log_file
.Op Fl f Ar config_file
.Op Fl g Ar login_grace_time
.Op Fl h Ar host_key_file
-.Op Fl k Ar key_gen_time
.Op Fl o Ar option
.Op Fl p Ar port
.Op Fl u Ar len
@@ -96,9 +94,6 @@ to use IPv4 addresses only.
Forces
.Nm
to use IPv6 addresses only.
-.It Fl b Ar bits
-Specifies the number of bits in the ephemeral protocol version 1
-server key (default 1024).
.It Fl C Ar connection_spec
Specify the connection parameters to use for the
.Fl T
@@ -169,36 +164,18 @@ This option must be given if
is not run as root (as the normal
host key files are normally not readable by anyone but root).
The default is
-.Pa /etc/ssh/ssh_host_key
-for protocol version 1, and
.Pa /etc/ssh/ssh_host_dsa_key ,
-.Pa /etc/ssh/ssh_host_ecdsa_key .
+.Pa /etc/ssh/ssh_host_ecdsa_key ,
.Pa /etc/ssh/ssh_host_ed25519_key
and
-.Pa /etc/ssh/ssh_host_rsa_key
-for protocol version 2.
+.Pa /etc/ssh/ssh_host_rsa_key .
It is possible to have multiple host key files for
-the different protocol versions and host key algorithms.
+the different host key algorithms.
.It Fl i
Specifies that
.Nm
is being run from
.Xr inetd 8 .
-If SSH protocol 1 is enabled,
-.Nm
-should not normally be run
-from inetd because it needs to generate the server key before it can
-respond to the client, and this may take some time.
-Clients may have to wait too long if the key was regenerated every time.
-.It Fl k Ar key_gen_time
-Specifies how often the ephemeral protocol version 1 server key is
-regenerated (default 3600 seconds, or one hour).
-The motivation for regenerating the key fairly
-often is that the key is not stored anywhere, and after about an hour
-it becomes impossible to recover the key for decrypting intercepted
-communications even if the machine is cracked into or physically
-seized.
-A value of zero indicates that the key will never be regenerated.
.It Fl o Ar option
Can be used to give options in the format used in the configuration file.
This is useful for specifying options for which there is no separate
@@ -257,8 +234,7 @@ may also be used to prevent
from making DNS requests unless the authentication
mechanism or configuration requires it.
Authentication mechanisms that may require DNS include
-.Cm RhostsRSAAuthentication ,
-.Cm HostbasedAuthentication ,
+.Cm HostbasedAuthentication
and using a
.Cm from="pattern-list"
option in a key file.
@@ -269,42 +245,14 @@ or
.Cm DenyUsers .
.El
.Sh AUTHENTICATION
-The OpenSSH SSH daemon supports SSH protocols 1 and 2.
-The default is to use protocol 2 only,
-though this can be changed via the
-.Cm Protocol
-option in
-.Xr sshd_config 5 .
-Protocol 1 should not be used
-and is only offered to support legacy devices.
-.Pp
+The OpenSSH SSH daemon supports SSH protocol 2 only.
Each host has a host-specific key,
used to identify the host.
-Partial forward security for protocol 1 is provided through
-an additional server key,
-normally 1024 bits,
-generated when the server starts.
-This key is normally regenerated every hour if it has been used, and
-is never stored on disk.
Whenever a client connects, the daemon responds with its public
-host and server keys.
+host key.
The client compares the
-RSA host key against its own database to verify that it has not changed.
-The client then generates a 256-bit random number.
-It encrypts this
-random number using both the host key and the server key, and sends
-the encrypted number to the server.
-Both sides then use this
-random number as a session key which is used to encrypt all further
-communications in the session.
-The rest of the session is encrypted
-using a conventional cipher, currently Blowfish or 3DES, with 3DES
-being used by default.
-The client selects the encryption algorithm
-to use from those offered by the server.
-.Pp
-For protocol 2,
-forward security is provided through a Diffie-Hellman key agreement.
+host key against its own database to verify that it has not changed.
+Forward security is provided through a Diffie-Hellman key agreement.
This key agreement results in a shared session key.
The rest of the session is encrypted using a symmetric cipher, currently
128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
@@ -477,32 +425,25 @@ key (empty lines and lines starting with a
.Ql #
are ignored as
comments).
-Protocol 1 public keys consist of the following space-separated fields:
-options, bits, exponent, modulus, comment.
-Protocol 2 public key consist of:
+Public keys consist of the following space-separated fields:
options, keytype, base64-encoded key, comment.
-The options field is optional;
-its presence is determined by whether the line starts
-with a number or not (the options field never starts with a number).
-The bits, exponent, modulus, and comment fields give the RSA key for
-protocol version 1; the
-comment field is not used for anything (but may be convenient for the
-user to identify the key).
-For protocol version 2 the keytype is
+The options field is optional.
+The keytype is
.Dq ecdsa-sha2-nistp256 ,
.Dq ecdsa-sha2-nistp384 ,
.Dq ecdsa-sha2-nistp521 ,
.Dq ssh-ed25519 ,
.Dq ssh-dss
or
-.Dq ssh-rsa .
+.Dq ssh-rsa ;
+the comment field is not used for anything (but may be convenient for the
+user to identify the key).
.Pp
-Note that lines in this file are usually several hundred bytes long
+Note that lines in this file can be several hundred bytes long
(because of the size of the public key encoding) up to a limit of
8 kilobytes, which permits DSA keys up to 8 kilobits and RSA
keys up to 16 kilobits.
You don't want to type them in; instead, copy the
-.Pa identity.pub ,
.Pa id_dsa.pub ,
.Pa id_ecdsa.pub ,
.Pa id_ed25519.pub ,
@@ -511,8 +452,7 @@ or the
file and edit it.
.Pp
.Nm
-enforces a minimum RSA key modulus size for protocol 1
-and protocol 2 keys of 768 bits.
+enforces a minimum RSA key modulus size of 768 bits.
.Pp
The options (if present) consist of comma-separated option
specifications.
@@ -690,7 +630,7 @@ maintained automatically: whenever the user connects from an unknown host,
its key is added to the per-user file.
.Pp
Each line in these files contains the following fields: markers (optional),
-hostnames, bits, exponent, modulus, comment.
+hostnames, keytype, base64-encoded key, comment.
The fields are separated by spaces.
.Pp
The marker is optional, but if it is present then it must be one of
@@ -731,9 +671,9 @@ character.
Only one hashed hostname may appear on a single line and none of the above
negation or wildcard operators may be applied.
.Pp
-Bits, exponent, and modulus are taken directly from the RSA host key; they
+The keytype and base64-encoded key are taken directly from the host key; they
can be obtained, for example, from
-.Pa /etc/ssh/ssh_host_key.pub .
+.Pa /etc/ssh/ssh_host_rsa_key.pub .
The optional comment field continues to the end of the line, and is not used.
.Pp
Lines starting with
@@ -772,8 +712,8 @@ Note that the lines in these files are typically hundreds of characters
long, and you definitely don't want to type in the host keys by hand.
Rather, generate them by a script,
.Xr ssh-keyscan 1
-or by taking
-.Pa /etc/ssh/ssh_host_key.pub
+or by taking, for example,
+.Pa /etc/ssh/ssh_host_rsa_key.pub
and adding the host names at the front.
.Xr ssh-keygen 1
also offers some basic automated editing for
@@ -912,7 +852,6 @@ This file is used in exactly the same way as
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
-.It Pa /etc/ssh/ssh_host_key
.It Pa /etc/ssh/ssh_host_dsa_key
.It Pa /etc/ssh/ssh_host_ecdsa_key
.It Pa /etc/ssh/ssh_host_ed25519_key
@@ -924,7 +863,6 @@ Note that
.Nm
does not start if these files are group/world-accessible.
.Pp
-.It Pa /etc/ssh/ssh_host_key.pub
.It Pa /etc/ssh/ssh_host_dsa_key.pub
.It Pa /etc/ssh/ssh_host_ecdsa_key.pub
.It Pa /etc/ssh/ssh_host_ed25519_key.pub
diff --git a/sshd_config b/sshd_config
index 75ae8e7..9f09e4a 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
-# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $
+# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
@@ -15,21 +15,11 @@
#ListenAddress 0.0.0.0
#ListenAddress ::
-# The default requires explicit activation of protocol 1
-#Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
# Ciphers and keying
#RekeyLimit default none
@@ -45,7 +35,6 @@
#MaxAuthTries 6
#MaxSessions 10
-#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
@@ -58,11 +47,9 @@ AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
+# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
diff --git a/sshd_config.5 b/sshd_config.5
index b70c313..d1a5d1d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.228 2016/08/12 19:19:04 jca Exp $
-.Dd $Mdocdate: August 12 2016 $
+.\" $OpenBSD: sshd_config.5,v 1.229 2016/08/15 12:32:04 naddy Exp $
+.Dd $Mdocdate: August 15 2016 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@@ -230,8 +230,6 @@ of
.Dq publickey,publickey
will require successful authentication using two different public keys.
.Pp
-This option will yield a fatal
-error if enabled if protocol 1 is also enabled.
Note that each authentication method listed should also be explicitly enabled
in the configuration.
The default
@@ -709,15 +707,12 @@ is not to load any certificates.
.It Cm HostKey
Specifies a file containing a private host key
used by SSH.
-The default is
-.Pa /etc/ssh/ssh_host_key
-for protocol version 1, and
+The defaults are
.Pa /etc/ssh/ssh_host_dsa_key ,
.Pa /etc/ssh/ssh_host_ecdsa_key ,
.Pa /etc/ssh/ssh_host_ed25519_key
and
-.Pa /etc/ssh/ssh_host_rsa_key
-for protocol version 2.
+.Pa /etc/ssh/ssh_host_rsa_key .
.Pp
Note that
.Xr sshd 8
@@ -728,14 +723,6 @@ option restricts which of the keys are actually used by
.Xr sshd 8 .
.Pp
It is possible to have multiple host key files.
-.Dq rsa1
-keys are used for version 1 and
-.Dq dsa ,
-.Dq ecdsa ,
-.Dq ed25519
-or
-.Dq rsa
-are used for version 2 of the SSH protocol.
It is also possible to specify public host key files instead.
In this case operations on the private key will be delegated
to an
@@ -774,8 +761,6 @@ Specifies that
and
.Pa .shosts
files will not be used in
-.Cm RhostsRSAAuthentication
-or
.Cm HostbasedAuthentication .
.Pp
.Pa /etc/hosts.equiv
@@ -790,8 +775,6 @@ Specifies whether
should ignore the user's
.Pa ~/.ssh/known_hosts
during
-.Cm RhostsRSAAuthentication
-or
.Cm HostbasedAuthentication .
The default is
.Dq no .
@@ -910,15 +893,6 @@ option of
.Xr ssh 1
with an argument of
.Dq kex .
-.It Cm KeyRegenerationInterval
-In protocol version 1, the ephemeral server key is automatically regenerated
-after this many seconds (if it has been used).
-The purpose of regeneration is to prevent
-decrypting captured sessions by later breaking into the machine and
-stealing the keys.
-The key is never stored anywhere.
-If the value is 0, the key is never regenerated.
-The default is 3600 (seconds).
.It Cm ListenAddress
Specifies the local addresses
.Xr sshd 8
@@ -1127,8 +1101,6 @@ Available keywords are
.Cm PubkeyAuthentication ,
.Cm RekeyLimit ,
.Cm RevokedKeys ,
-.Cm RhostsRSAAuthentication ,
-.Cm RSAAuthentication ,
.Cm StreamLocalBindMask ,
.Cm StreamLocalBindUnlink ,
.Cm TrustedUserCAKeys ,
@@ -1333,28 +1305,6 @@ when a user logs in interactively.
or equivalent.)
The default is
.Dq yes .
-.It Cm Protocol
-Specifies the protocol versions
-.Xr sshd 8
-supports.
-The possible values are
-.Sq 1
-and
-.Sq 2 .
-Multiple versions must be comma-separated.
-The default is
-.Sq 2 .
-Protocol 1 suffers from a number of cryptographic weaknesses and should
-not be used.
-It is only offered to support legacy devices.
-.Pp
-Note that the order of the protocol list does not indicate preference,
-because the client selects among multiple protocol versions offered
-by the server.
-Specifying
-.Dq 2,1
-is identical to
-.Dq 1,2 .
.It Cm PubkeyAcceptedKeyTypes
Specifies the key types that will be accepted for public key authentication
as a comma-separated pattern list.
@@ -1419,20 +1369,6 @@ an OpenSSH Key Revocation List (KRL) as generated by
.Xr ssh-keygen 1 .
For more information on KRLs, see the KEY REVOCATION LISTS section in
.Xr ssh-keygen 1 .
-.It Cm RhostsRSAAuthentication
-Specifies whether rhosts or /etc/hosts.equiv authentication together
-with successful RSA host authentication is allowed.
-The default is
-.Dq no .
-This option applies to protocol version 1 only.
-.It Cm RSAAuthentication
-Specifies whether pure RSA authentication is allowed.
-The default is
-.Dq yes .
-This option applies to protocol version 1 only.
-.It Cm ServerKeyBits
-Defines the number of bits in the ephemeral protocol version 1 server key.
-The default and minimum value is 1024.
.It Cm StreamLocalBindMask
Sets the octal file creation mode mask
.Pq umask
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list