Re: Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches)
- Subject: Re: Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches)
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Fri, 22 Jun 2018 13:51:21 +0200
- To: libssh@xxxxxxxxxx
On Friday, 22 June 2018 12:36:12 CEST Tilo Eckert wrote:
> On 20.06.2018 at 15:12, Andreas Schneider wrote:
> > On Tuesday, 19 June 2018 16:35:49 CEST Jakub Jelen wrote:
> >> On Thu, 2018-06-14 at 16:03 +0200, Andreas Schneider wrote:
> >>> [...]
> >>>
> >>> Looks like openssh removed support for ssh-dss. At least my openssh 7.7
> >>> doesn't know about it at all.
> >>
> >> The OpenSSH 7.7p1 still has the support for ssh-dss keys, but they are
> >> disabled by default for any use, unless you enable them using
> >> PubkeyAcceptedKeyTypes and friend configuration options. The reason why
> >> it is still there is probably because the DSA keys are a mandatory part
> >> (REQUIRED) of RFC4253 (Section 6.6).
> >>
> >>> I would remove it from libssh after the release of 0.8 together with
> >>> SSHv1 support.
> >>>
> >>> I think we can remove it from pkd already? Comments?
> >>
> >> Removing the ancient SSHv1, blowfish and other unreasonable algorithms
> >> makes sense to me.
> >
> > SSHv1 will be removed, the algorithms will not be compiled in by default
> > but still available.
> >
> > This should not affect connecting to RHEL5 as it supports and uses RSA keys
> > by default.
> >
> > Andreas
>
> If we are already tidying up:
>
> I suggest also deprecating the insecure diffie-hellman-group1-sha1 kex
> algorithm [1] which is currently compiled in by default.
>
> Instead, maybe we should add curve25519-sha256 as an alias to the
> curve25519-sha256@xxxxxxxxxx kex as Aris' proposal is in the IETF
> standardization process [2] and OpenSSH has already adopted it in
> September 2016.

Could you prepare a patch for adding curve25519-sha256 as an alias and add
a test in torture_algorithms for that?

Andreas

--
Andreas Schneider asn@xxxxxxxxxxxxxx
GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
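The negotiation behind the alias proposal above, as an added example that is not part of this thread or of libssh: RFC 4253 section 7.1 KEX selection by exact name comparison, showing why a server that only advertises curve25519-sha256@libssh.org falls back to the weak group1 exchange against a client that sends only the standardised name. The alias table and the weak-algorithm list are constructed for the example.

```python
"""RFC 4253 7.1 KEX negotiation with alias advertisement and a policy audit."""
from typing import Dict, List, Optional

# Constructed alias table: canonical name -> legacy names that must also be
# advertised so peers that know only one spelling still match.
KEX_ALIASES: Dict[str, List[str]] = {
    "curve25519-sha256": ["curve25519-sha256@libssh.org"],
}

# Constructed policy list: KEX algorithms the thread proposes to deprecate.
WEAK_KEX = {"diffie-hellman-group1-sha1"}


def parse_name_list(name_list: str) -> List[str]:
    """Parse an RFC 4251 name-list: comma-separated, empty names are invalid."""
    if name_list == "":
        return []
    names = name_list.split(",")
    if any(n == "" for n in names):
        raise ValueError("empty name in name-list")
    return names


def advertised_kex(supported: List[str]) -> str:
    """Build the KEXINIT kex name-list, appending aliases right after each name."""
    names: List[str] = []
    for name in supported:
        for spelling in [name, *KEX_ALIASES.get(name, [])]:
            if spelling not in names:
                names.append(spelling)
    return ",".join(names)


def negotiate_kex(client_list: str, server_list: str) -> Optional[str]:
    """RFC 4253 7.1: the first client algorithm that the server also lists.

    Comparison is by exact string, exactly as on the wire; no alias folding.
    """
    server = set(parse_name_list(server_list))
    for name in parse_name_list(client_list):
        if name in server:
            return name
    return None


def weak_kex_offered(name_list: str) -> List[str]:
    """Return the offered algorithms that the policy list marks as weak."""
    return [n for n in parse_name_list(name_list) if n in WEAK_KEX]
```

Against a legacy server list, `negotiate_kex` picks diffie-hellman-group1-sha1 for a client that prefers curve25519-sha256; once the server advertises the alias, the same client negotiates curve25519-sha256.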