
Re: Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches)

On 20.06.2018 at 15:12, Andreas Schneider wrote:
> On Tuesday, 19 June 2018 16:35:49 CEST Jakub Jelen wrote:
>> On Thu, 2018-06-14 at 16:03 +0200, Andreas Schneider wrote:
>>> [...]
>>> Looks like openssh removed support for ssh-dss. At least my openssh 7.7
>>> doesn't know about it at all.
>> OpenSSH 7.7p1 still has support for ssh-dss keys, but they are
>> disabled by default for any use, unless you enable them using
>> PubkeyAcceptedKeyTypes and friends configuration options. The reason why
>> it is still there is probably because the DSA keys are a mandatory part
>> (REQUIRED) of RFC4253 (Section 6.6).
>>> I would remove it from libssh after the release of 0.8 together with
>>> SSHv1 support.
>>> I think we can remove it from pkd already? Comments?
>> Removing the ancient SSHv1, blowfish and other unreasonable algorithms
>> makes sense to me.
> SSHv1 will be removed, the algorithms will not be compiled in by default but
> still available.
> This should not affect connecting to RHEL5 as it supports and uses rsa keys by
> default.
> 	Andreas

If we are already tidying up:

I suggest also deprecating the insecure diffie-hellman-group1-sha1 kex
algorithm [1], which is currently compiled in by default.

Instead, maybe we should add curve25519-sha256 as an alias to the
curve25519-sha256@xxxxxxxxxx kex as Aris' proposal is in the IETF
standardization process [2] and OpenSSH has already adopted it in
September 2016.

[1] https://tools.ietf.org/id/draft-ietf-curdle-ssh-kex-sha2-10.html
[2] https://tools.ietf.org/id/draft-ietf-curdle-ssh-curves-07.html

