[Bug 1469] Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576)

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Jun 16 16:32:12 EST 2008


Solar Designer <solar at openwall.com> changed:

           What    |Removed                     |Added
                 CC|                            |solar at openwall.com

--- Comment #8 from Solar Designer <solar at openwall.com>  2008-06-16 16:32:07 ---
I have attached the key blacklisting code from Openwall GNU/*/Linux
(also used at least by ALT Linux).  We've been using this "in
production" on many systems for 2+ weeks with no issues (and have
detected some weak keys "in the wild").  I am posting this primarily to
have everything in one place.  Also relevant are these URLs:

http://www.openwall.com/lists/oss-security/2008/05/27/3 - the original
http://www.openwall.com/lists/oss-security/2008/05/27/4 - on
forward-port to openssh-5.0p1
http://git.altlinux.org/people/ldv/packages/?p=openssh.git -
repositories with these patches (and more)

Compared to the Debian patch, this uses much smaller files (less than
4.5 bytes per key for 48-bit partial fingerprints), it's very fast
(will work just fine on a VAX), it can be configured to be fail-close
(in case of errors), and the size of partial fingerprints is not
hardcoded anywhere (it's specified on "blacklist-encode" command-line,
with no need to recompile anything, so an existing build of sshd that
works with 48-bit fingerprints now will also work with, say, 64-bit
just fine).

Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list