[haiku-development] Re: Administrative notice: new SSH host keys for our machines
- From: Jonathan Schleifer <js-haiku-development@xxxxxxxxxxx>
- To: haiku-development@xxxxxxxxxxxxx
- Date: Wed, 16 Apr 2014 17:17:21 +0200
Am 16.04.2014 um 10:23 schrieb Oliver Tappe <zooey@xxxxxxxxxxxxxxx>:
> I find it pretty difficult to judge the exact effects of heartbleed, so I've
> decided this is a good time to follow your advice (you were the one pointing
> out the weakness of our ssh host keys in the first place) and rotate the keys.
Ah. OpenSSH is completely unaffected by Heartbleed as Heartbleed is only
affecting the TLS protocol. OpenSSH only links against OpenSSL's libcrypto, but
not against libssl :). But yes, changing the weak RSA key was a necessity
anyway.
> It certainly is, once we are using openssh-6.5. As of now, we're running
> openssh-6.2, which doesn't support Ed25519 keys.
Are there no updated packages available yet? OpenSSH 6.5 also introduces
Curve25519 for the key exchange, whereas older versions prefer using the
backdoor'd NIST curves.
> Well, the old RSA key might not, but the ECDSA key should be, which seems to
> be preferred by ssh. I have no idea why your ssh client seems to ignore the
> ecdsa key, maybe it doesn't support that key type?
Ah, there's the problem. I actually disabled ECDSA in my SSH config, since most
cryptographers are very sure the NIST curves, which are used by OpenSSH for
ECDSA, are backdoor'd. Hence me asking for Ed25519 certs / Curve25519 key
exchange. And ChaCha20-Poly1305 would also be nice, as it prevents the timing
attacks of AES-CBC, though I don't know how I feel about the fact that all
crypto primitives used then are invented by the same person. 6.5 also offers
AES-GCM besides ChaCha20-Poly1305, so that there is another authenticated
cypher :).
> Sure, if you were just using RSA keys. However, the server did provide a DSA
> and an ECDSA key, too.
Yeah, that's the problem. I disabled both ECDSA and DSA - ECDSA due to the
alleged backdoor and DSA because it depends too heavy on randomness - and good
randomness if scarce if a VM rebooted. Ed25519 doesn't have that problem,
though :).
>> What about the approach to have /etc/ssh/ssh_host_rsa_key_new.pub, which is
>> not used for now, and then just use this as the new key at the end of the
>> month?
>
> What's the difference to what has happened for you now? That would mean that
> everyone has to switch now without a chance to fetch the new key first.
I think you misunderstood: The new key will be at a path that is not used by
SSH for now. Everybody can get that key and add it to the keyring. After the
end of the month, the SSH config is changed to use the new key.
Since it's already too late now, the best I can think of is start a new VM that
has the old key and on login shows you the fingerprint of the new key.
> All I can offer you is to point out that the same fingerprints are being
> shown on https://server-stats.haiku-os.org and that I'm happy to confirm them
> via IRC.
Yes, I'll come back to that :).
--
Jonathan
Other related posts:
