[Bug 2040] Downgrade attack vulnerability when checking SSHFP records
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Sep 7 16:48:33 EST 2012
https://bugzilla.mindrot.org/show_bug.cgi?id=2040
Ondřej Caletka <ondrej at caletka.cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2183|0 |1
is obsolete| |
--- Comment #4 from Ondřej Caletka <ondrej at caletka.cz> ---
Created attachment 2188
--> https://bugzilla.mindrot.org/attachment.cgi?id=2188&action=edit
Fix downgrade attack vulnerability in handling SSHFP records
I realized that only fingerprints for same key algorithm as sshd
offered should be counted as found. Otherwise, it would reject SHA-1
SSHFP only because there is a SHA-256 SSHFP for another key algorithm.
As usual, testcase is here, having only SHA-1 SSHFP for RSA Host key:
$ ./ssh -vv -o HostKeyAlgorithms=ssh-rsa -o VerifyHostKeyDNS=yes
sshfp-test-downgrade.oskarcz.net
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list