Settable minimum RSA key sizes on the client end for legacy devices.
David Newall
openssh at davidnewall.com
Thu Dec 26 17:07:07 AEDT 2019
You can use openssl to generate a shorter key:
$ openssl genrsa -out key.pem 768
$ ssh-keygen -y -f key.pem > key.pub # optional to get public key
This works with a 768-bit RSA key (client: OpenSSH_7.2p2, OpenSSL
1.0.2g; server: OpenSSH_7.2p2, OpenSSL 1.0.2g) but not a 256-bit RSA
key: I can generate the shorter key but the server requires a minimum of
768 bits.
Hope this helps.
-------- Forwarded Message --------
Subject: Settable minimum RSA key sizes on the client end for legacy
devices.
Date: Wed, 25 Dec 2019 21:02:36 -0600
From: Steve Sether <steve at sether.org>
To: openssh-unix-dev at mindrot.org
Recently I tried to turn on SSH on my 12 year old APC-UPS. I soon
discovered that I couldn't connect to it because my newer version of
openssh doesn't support RSA key sizes below 1024 bits.
I'd rather not dredge up a big fight, but I _would_ like to express a
desire for some form of overriding the minimum key size. Basically I've
had to turn on telnet access again, lowering security. The HTTPS
protocol options on the device are old enough that no modern browser
will connect to it either. So essentially I'm left going back to the
mid 90s and using telnet, or HTTP, to connect to this device.
To me, not providing a way to override the minimum key size is just a
bit heavy-handed. The vendor doesn't support this device anymore, and
it's failed all attempts at replacing the 768 bit key with a 1024 bit
one. The firmware is upgraded to the last release in 2010. I understand
that a 768 bit RSA key was factored 10 years ago, though with a very
large computing effort, so it's vulnerable to a pretty expensive attack.
I note that other legacy, potentially insecure options are supported via
configuration changes. https://www.openssh.com/legacy.html Why isn't the
same true for a minimum key size? This device isn't exactly ancient at
around 12 years old and a 10 year old firmware. I'd imagine there's
other hardware that has limited support for ssh key sizes that the
current openssh won't connect to anymore.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
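The size floor this thread turns on, as an added example that is not from either post or from OpenSSH itself: a stdlib-only Python script that parses the ssh-rsa wire format inside known_hosts or authorized_keys lines and flags moduli below the 1024-bit minimum the original message mentions, so an admin can find which legacy hosts (like the 768-bit UPS) will be refused before upgrading clients. The sample entries and their moduli are constructed for illustration, not real keys.

```python
import base64
import struct
# OpenSSH rejects RSA keys shorter than 1024 bits (the thread's 768-bit UPS key falls below it).
OPENSSH_RSA_MIN_BITS = 1024

def _read_string(blob, off):
    """Read one SSH wire-format string: uint32 big-endian length, then that many bytes."""
    (n,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + n], off + 4 + n

def _mpint(x):
    """Encode a non-negative int as an SSH mpint body (leading 0x00 when the high bit is set)."""
    return x.to_bytes((x.bit_length() + 8) // 8, "big")

def rsa_modulus_bits(line):
    """Modulus bit length of an 'ssh-rsa' known_hosts/authorized_keys line, else None."""
    fields = line.split()
    if "ssh-rsa" not in fields:          # ed25519, ecdsa, comments, blank lines
        return None
    blob = base64.b64decode(fields[fields.index("ssh-rsa") + 1])
    keytype, off = _read_string(blob, 0)
    if keytype != b"ssh-rsa":            # blob does not match the declared type
        return None
    _e, off = _read_string(blob, off)    # public exponent, not needed here
    n, _ = _read_string(blob, off)       # modulus; int() ignores the mpint pad byte
    return int.from_bytes(n, "big").bit_length()

def find_short_rsa_keys(lines, min_bits=OPENSSH_RSA_MIN_BITS):
    """Return [(line_no, bits)] for every RSA key that OpenSSH would refuse."""
    hits = []
    for no, line in enumerate(lines, 1):
        bits = rsa_modulus_bits(line)
        if bits is not None and bits < min_bits:
            hits.append((no, bits))
    return hits

def constructed_rsa_line(bits, host=None):
    """Build a well-formed ssh-rsa line around a CONSTRUCTED modulus (not a real key)."""
    n = (1 << (bits - 1)) | 1            # exact bit length; not a product of primes
    body = b"".join(struct.pack(">I", len(p)) + p
                    for p in (b"ssh-rsa", _mpint(65537), _mpint(n)))
    key = "ssh-rsa " + base64.b64encode(body).decode() + " constructed@example"
    return f"{host} {key}" if host else key

# Constructed sample known_hosts: a legacy 768-bit key, a 2048-bit key, a (dummy) ed25519 key.
SAMPLE_KNOWN_HOSTS = [
    constructed_rsa_line(768, "ups.example.internal"),
    constructed_rsa_line(2048, "gw.example.internal"),
    "gw.example.internal ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFake=",
]
```

Running `find_short_rsa_keys(SAMPLE_KNOWN_HOSTS)` reports only the first line as a 768-bit key; pointing it at a real known_hosts file (one line per list entry) gives the hosts that will stop working once the client enforces the floor.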