Re: diffie-hellman-group-exchange-sha256 group size concerns and request

On 2024-09-23 05:56, Dmitry Belyavskiy wrote:
> Hello,
>
> On Sun, Sep 22, 2024 at 10:15 AM Kurt Fitzner via openssh-unix-dev
> <openssh-unix-dev@xxxxxxxxxxx> wrote:
>
>> I would like to advocate for:
>>
>> - Change behaviour of the server to allow server operators to set the
>> minimum modulus group size allowable for a connection using
>> diffie-hellman-group-exchange-sha256
>> Whether this is by having the server refuse to allow smaller moduli to
>> be used than exist in ModuliFile, or another explicit configuration
>> setting is added, it doesn't matter
>
> I strongly support this requirement. We have a similar one for RSA and
> having an explicit setting for DH would be great.

This is almost as significant as logjam was to begin with, and I have to say I'm dismayed that there is no way to prevent connections at insecure group sizes with the server using default canned primes that have been long exposed to pre-calculations.

I'm not convinced that MITM can't force a lower "maximum" group size on a connection, which basically means this IS logjam.

I have disabled diffie-hellman-group-exchange-sha256 on all servers as insecure and would like clarification from OpenSSH devs. There needs to at least be a statement issued somewhere warning people that removing small primes from /etc/ssh/moduli has no effect on the minimum size the server will issue, and that this is actually a worse option as this will cause the server to use canned primes.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
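Added example, not part of this thread or of OpenSSH's own code: a POSIX shell audit that reads a file in moduli(5) layout and reports the real bit length of every modulus, computed from the hex value itself rather than trusted from the size column, so an operator can see which group sizes the file actually offers and whether any fall under a chosen floor. The seven-field layout (time, type, tests, tries, size, generator, modulus) is taken from moduli(5); the sample file, the 2048-bit threshold and all function names are constructed for this example. As the post above warns, trimming the file does not by itself set a floor on the group size the server will negotiate; this script only tells you what the file contains.

```shell
#!/bin/sh
# Audit an OpenSSH moduli file: derive each modulus's bit length from its
# hex representation (field 7 in moduli(5) layout) and summarise the sizes.
set -eu

# Print "bits count" for every distinct modulus size in FILE, smallest first.
# Comment lines and short/malformed lines are skipped.
moduli_sizes() {
    awk '
    # Bit length of a hex string: strip leading zeros, then
    # 4 bits per digit except the leading digit, which contributes 1..4.
    function hexbits(h,    n, first, lead) {
        h = tolower(h); sub(/^0+/, "", h)
        if (h == "") return 0
        n = length(h)
        first = index("0123456789abcdef", substr(h, 1, 1)) - 1
        if (first >= 8) lead = 4
        else if (first >= 4) lead = 3
        else if (first >= 2) lead = 2
        else lead = 1
        return (n - 1) * 4 + lead
    }
    !/^#/ && NF >= 7 { count[hexbits($7)]++ }
    END { for (b in count) print b, count[b] }' "$1" | sort -n
}

# Smallest modulus size (bits) present in FILE.
min_modulus_bits() {
    moduli_sizes "$1" | head -n 1 | cut -d' ' -f1
}

# Exit 0 if every modulus in FILE is at least MINBITS bits, 1 otherwise.
check_min_modulus() {
    moduli_sizes "$1" | awk -v min="$2" '$1 < min { bad = 1 } END { exit (bad ? 1 : 0) }'
}

# Constructed sample in moduli(5) column order. The moduli are short dummy
# hex values, NOT real safe primes; they exist only to exercise the size check.
write_sample_moduli() {
    cat > "$1" <<'EOF'
# Time Type Tests Tries Size Generator Modulus
20240901000000 2 6 100 7 2 FF
20240901000001 2 6 100 7 2 0C3
20240901000002 2 6 100 8 2 1FF
20240901000003 2 6 100 14 2 7FFF
20240901000004 2 6 100 31 2 80000000
EOF
}

# Stand-alone usage: ./moduli_audit.sh /etc/ssh/moduli [MINBITS]
# (2048 is an example threshold chosen here, not a value from OpenSSH.)
if [ -n "${1:-}" ]; then
    threshold="${2:-2048}"
    moduli_sizes "$1"
    if check_min_modulus "$1" "$threshold"; then
        echo "OK: every modulus in $1 is at least $threshold bits"
    else
        echo "WARNING: $1 contains moduli smaller than $threshold bits"
    fi
fi
```

Run it against a real file (`./moduli_audit.sh /etc/ssh/moduli 3072`) to get a per-size histogram; the bit count is computed from the hex digits, so a wrong or edited size column cannot mask a small modulus.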
