On 2020-02-06 at 14:41 +1100, Damien Miller wrote:

> No, sorry - the rules evaluation is enough of a mess without adding
> more corner cases where first-match-doesn't-always-win...

Fair. Thanks for the feedback. :)

> I don't think that is correct. Host legacy won't have ssh-dss enabled
> because that isn't in the default set of algs to begin with.

Ugh. Okay, bad example, sorry. I should have stuck to what I'm actually using.

For $reasons, I'm disabling all RSA by default, sticking to ECC for pubkey usage in SSH. I re-enable it where needed for some hosts. Legacy was my euphemism for "no ECC".

    Host legacy
      HostKeyAlgorithms +rsa-sha2-256,rsa-sha2-512

    Host *
      HostKeyAlgorithms -ssh-rsa*,ssh-dss*,rsa-sha*

This will re-enable ssh-rsa for host legacy.

Since HostKeyAlgorithms takes a single list, which can take a single +/-/^ at the start, we can't use pairs where we add some and remove others. So at present, doing calculations to get the correct list is more fragile using +/- syntax than is a complete enumeration.

It's manageable, with careful comments, it's just not pretty; I don't hard-code to what they _currently_ send because I want to benefit when they upgrade, so:

    # 2020-02-05: Their offer: ssh-dss,rsa-sha2-512,rsa-sha2-256,ssh-rsa
    # Public service with no certificate authority.
    # ssh -Q key-sig | grep -v cert-v | grep -Ev '^ssh-(rsa|dss)' | tr $'\n' , | sed s/,\$// ; echo
    HostKeyAlgorithms ssh-ed25519,sk-ssh-ed25519@xxxxxxxxxxx,rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@xxxxxxxxxxx

FWIW, while github.com has updated to allow rsa-sha2-* algorithms, very public hosts which will currently cause people pain because they only allow ssh-rsa include:

 * bazaar.launchpad.net
 * bitbucket.org (also ssh-dss)
 * AWS codecommit hosts (at least, the one I touch)

-Phil
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
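Added example, not part of the message above or of OpenSSH's own code: a simplified Python model of how the two-block config is evaluated, with first-match-wins per keyword and a single leading +/-/^ operator applied to a constructed stand-in for the built-in HostKeyAlgorithms default list. It shows why the `Host *` removal never reaches host legacy and why one value cannot both add and remove names.

```python
import fnmatch
from typing import List, Tuple

# Constructed stand-in for the built-in default list (illustrative only;
# `ssh -Q HostKeyAlgorithms` prints the real one for your version).
DEFAULT_HOSTKEYALGS = [
    "ssh-ed25519", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384",
    "ecdsa-sha2-nistp521", "rsa-sha2-512", "rsa-sha2-256", "ssh-rsa",
]

# Config blocks in file order: (Host pattern, HostKeyAlgorithms value),
# mirroring the two-block config in the message.
CONFIG: List[Tuple[str, str]] = [
    ("legacy", "+rsa-sha2-256,rsa-sha2-512"),
    ("*", "-ssh-rsa*,ssh-dss*,rsa-sha*"),
]


def apply_operator(default: List[str], value: str) -> List[str]:
    """Apply one HostKeyAlgorithms value to the default list.

    Only the first character can be an operator: '+' appends names not
    already present, '-' removes names matching the patterns, '^' moves
    names to the front, and no operator replaces the whole list.  A
    second '+' or '-' later in the value is just part of a (bad) name.
    """
    op, names = (value[0], value[1:]) if value[:1] in ("+", "-", "^") else ("", value)
    items = [n for n in names.split(",") if n]
    if op == "+":
        return default + [n for n in items if n not in default]
    if op == "-":
        return [a for a in default if not any(fnmatch.fnmatchcase(a, p) for p in items)]
    if op == "^":
        return items + [a for a in default if a not in items]
    return items


def resolve(host: str, config=CONFIG, default=DEFAULT_HOSTKEYALGS) -> List[str]:
    """First matching block that sets the keyword wins; later blocks are
    ignored for that keyword, so an early '+' is never combined with a
    later '-' (each operator applies to the default, not to the result)."""
    for pattern, value in config:
        if fnmatch.fnmatchcase(host, pattern):
            return apply_operator(default, value)
    return list(default)


if __name__ == "__main__":
    print("legacy       ->", ",".join(resolve("legacy")))
    print("bitbucket.org ->", ",".join(resolve("bitbucket.org")))
```

For host legacy the result equals the default list (ssh-rsa included), while every other host loses all RSA entries.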