Devin Teske
2016-Aug-08 17:56 UTC
[FreeBSD-Announce] HEADS-UP: OpenSSH DSA keys are deprecated in 12.0 and 11.0
Which would you use?

ECDSA?

https://en.wikipedia.org/wiki/Elliptic_curve_cryptography

"" In the wake of the exposure of Dual_EC_DRBG as "an NSA undercover operation", cryptography experts have also expressed concern over the security of the NIST recommended elliptic curves,[31] <https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#cite_note-31> suggesting a return to encryption based on non-elliptic-curve groups. ""

Or perhaps RSA? (as des@ recommends)

(not necessarily to Glen but anyone that wants to answer)
--
Devin

> On Aug 4, 2016, at 6:59 PM, Glen Barber <gjb at FreeBSD.org> wrote:
>
> This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH,
> and will be deprecated effective 11.0-RELEASE (and preceding RCs).
>
> Please see r303716 for details on the relevant commit, but upstream no
> longer considers them secure. Please replace DSA keys with ECDSA or RSA
> keys as soon as possible, otherwise there will be issues when upgrading
> from 11.0-BETA4 to the subsequent 11.0 build, but most definitely the
> 11.0-RELEASE build.
>
> Glen
> On behalf of: re@ and secteam@
>
> _______________________________________________
> freebsd-announce at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-announce
> To unsubscribe, send any mail to "freebsd-announce-unsubscribe at freebsd.org"
Conrad Meyer
2016-Aug-08 18:17 UTC
[FreeBSD-Announce] HEADS-UP: OpenSSH DSA keys are deprecated in 12.0 and 11.0
The OpenSSH defaults are intentionally sane. RSA 2048 is anticipated to be fine for the next 10 years. It would not be a bad choice.

I'm not aware of any reason not to use EC keys, and presumably the openssh authors wouldn't ship them as an option if they knew of any reason to believe they were compromised.

Best,
Conrad

On Mon, Aug 8, 2016 at 10:56 AM, Devin Teske <dteske at freebsd.org> wrote:
> Which would you use?
>
> ECDSA?
>
> Or perhaps RSA? (as des@ recommends)
>
> (not necessarily to Glen but anyone that wants to answer)
> --
> Devin
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
Bernard Spil
2016-Aug-08 19:39 UTC
[FreeBSD-Announce] HEADS-UP: OpenSSH DSA keys are deprecated in 12.0 and 11.0
Hi Devin,

This resource documents the choices pretty well I think
https://stribika.github.io/2015/01/04/secure-secure-shell.html

Author has made some modifications up to Jan 2016
https://github.com/stribika/stribika.github.io/commits/master/_posts/2015-01-04-secure-secure-shell.md

The short answer then is ed25519 or rsa4096, disable both dsa and ecdsa. Even 6.5p1 shipped with 9.3 supports ed25519.

Cheers,
Bernard.

On 2016-08-08 19:56, Devin Teske wrote:
> Which would you use?
>
> ECDSA?
>
> Or perhaps RSA? (as des@ recommends)
>
> (not necessarily to Glen but anyone that wants to answer)
> --
> Devin
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
Christian Weisgerber
2016-Aug-11 13:19 UTC
[FreeBSD-Announce] HEADS-UP: OpenSSH DSA keys are deprecated in 12.0 and 11.0
On 2016-08-08, Devin Teske <dteske at freebsd.org> wrote:

> Which would you use?

Ed25519.

> Or perhaps RSA? (as des@ recommends)

RSA if you need compatibility with servers or other clients that don't know Ed25519. That's why ssh-keygen, alas, still defaults to RSA.

--
Christian "naddy" Weisgerber                          naddy at mips.inka.de
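The announcement asks operators to find and replace DSA keys, and the replies argue over RSA size versus Ed25519. As an added example that is not from anyone in this thread, the Python below audits an authorized_keys or known_hosts text for exactly that: it parses each key's RFC 4253 wire blob, flags ssh-dss entries, and reports the RSA modulus size against a floor. The 2048-bit floor (taken from Conrad's remark), the KEY_TYPES list and the sample key lines are my own constructions, not real key material.

```python
import base64
import struct
MIN_RSA_BITS = 2048  # Conrad's floor in the thread; Bernard's rsa4096 advice is stricter
KEY_TYPES = ("ssh-dss", "ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")

def _string(b):  # RFC 4253 "string": uint32 big-endian length prefix, then the bytes
    return struct.pack(">I", len(b)) + b
def _read_string(blob, off):
    (n,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + n], off + 4 + n
def make_key_line(wire_type, *fields, comment=""):  # assembles the constructed sample lines below, not real keys
    blob = _string(wire_type.encode()) + b"".join(fields)
    return f"{wire_type} {base64.b64encode(blob).decode()} {comment}".strip()

def parse_key_line(line):
    """(wire_type, rsa_modulus_bits_or_None, comment) for one key line, or None for blank/comment lines.
    authorized_keys options or known_hosts hostnames may precede the type, so the type token is searched for."""
    tokens = line.split()
    if not tokens or tokens[0].startswith("#"):
        return None
    i = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
    if i is None or i + 1 >= len(tokens):
        raise ValueError(f"no recognised key type in line: {line!r}")
    blob = base64.b64decode(tokens[i + 1], validate=True)
    wire_type, off = _read_string(blob, 0)
    if wire_type != tokens[i].encode():  # the blob embeds its own type; a mismatch means a corrupt or edited line
        raise ValueError(f"type {tokens[i]} does not match blob type {wire_type!r}")
    bits = None
    if wire_type == b"ssh-rsa":  # blob continues with mpint e, then mpint n; the size of n is the key size
        _e, off = _read_string(blob, off)
        bits = int.from_bytes(_read_string(blob, off)[0], "big").bit_length()
    return tokens[i], bits, " ".join(tokens[i + 2:])

def audit(text):  # -> [(line_no, wire_type, bits, verdict, comment)]; DSA and short RSA keys are flagged REPLACE
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if parsed := parse_key_line(line):
            wire_type, bits, comment = parsed
            weak_rsa = wire_type == "ssh-rsa" and bits < MIN_RSA_BITS
            verdict = "REPLACE: DSA is deprecated upstream" if wire_type == "ssh-dss" else "REPLACE: RSA too short" if weak_rsa else "ok"
            findings.append((no, wire_type, bits, verdict, comment))
    return findings

# Constructed sample (not real key material): a 0x00 pad byte followed by 0xff bytes is a valid mpint shape.
SAMPLE = "\n".join([
    make_key_line("ssh-dss", _string(b"\x07"), comment="legacy@host"),
    'from="10.0.0.0/8" ' + make_key_line("ssh-rsa", _string(b"\x01\x00\x01"), _string(b"\x00" + b"\xff" * 256), comment="ops@host"),
    make_key_line("ssh-rsa", _string(b"\x01\x00\x01"), _string(b"\x00" + b"\xff" * 128), comment="old@host"),
    make_key_line("ssh-ed25519", _string(b"\x01" * 32), comment="new@host"),
])
```

On a real host, `audit(open(path).read())` over each user's authorized_keys and the system known_hosts lists every DSA entry that must go before the upgrade, along with the modulus size of each RSA key.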