Legacy option for key length?

David Newall openssh at davidnewall.com
Tue Jan 2 16:29:10 AEDT 2018


On 02/01/18 02:22, Peter Moody wrote:
> I would prefer that:
>
>   * commercial vendors patched the software they sold

We all would prefer that, but I think you know that in reality, very few 
customers have enough leverage to achieve that.  I have a number of IBM 
servers for which access to the remote console now requires old versions 
of Java and old browsers.  That's IBM.  If they're not going to update 
equipment, nobody is.  Let's not pretend the world works differently.

> I'm not sure what your bugaboo is about a fractured user base; at
> any given time there are probably hundreds of different versions of
> openssh being distributed due to different os's, distros, etc.

Every older version of openssh is on the path to the latest version, 
unless there's a reason why the latest version cannot be used.  When you 
create such a reason, you force them to choose between a real bug or 
find an alternative.  A lot of people choose to live with a real bug, 
and that truly does reduce security.

But the worst thing about fracturing the user base, from the perspective 
of wanting to be the premiere implementation of ssh, is you create a 
real incentive for a fork.  As things stand, a fork would be superior 
software, because it will have 100% of the goodness of openssh without 
the badness.  The main distributions will eventually switch and then 
openssh will become irrelevant. Why go through that over some pig-headed 
and wrong principle?  (I realise that there are developers here who 
think that it's not pig-headed to aim for perfect security, but, when 
you make perfect be the enemy of good, you are being pig-headed.)  What 
is proposed has a strong argument in its favour, and really has no 
downside, unless you believe in fairy godmothers who can wave a wand and 
make manufacturers do things which they clearly are not going to.

> by the way, do you not see that every one of your arguments about the
> openssh client can be applied, almost verbatim, to the vendor supplied
> sshd?

I realise.  I also realise that the reason why open source software is 
so powerful a force in IT is because manufacturers want to their gear to 
become obsolete, they want it to exist in their own silos, they want to 
destroy the opposition.  If I said "embrace, extend, extinguish", 
everybody here would nod their head.  Our job is to provide a better 
alternative.  This recent change, which removed shorter keys, could have 
been done slightly differently and we would continue to be a better 
alternative. Now, sadly, people have to dig into yesteryear and find a 
better alternative.  That not only sucks, it creates space for a good 
alternative that will displace openssh.

I think a very good question which needs to be asked is, what value does 
disallowing shorter keys bring over severely deprecating them (i.e. 
allowing them by use of command argument on a per-session basis)?  I 
cannot see a single benefit; it won't stop use of shorter keys, it will 
just stop use of the latest openssh.



More information about the openssh-unix-dev mailing list