Displaying 20 results from an estimated 73 matches for "hostkeyalgorithm".

2020 Feb 06
3
Call for testing: OpenSSH 8.2
...nSSH 8.2p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a feature release. > > > * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These > This actually affects me: github.com has very limited HostKeyAlgorithms > advertised and my attempts to filter acceptable algorithms are based > around lines from `ssh -Q key` (since before the newer - support for > filtering) so I've been re-enabling ssh-rsa for github.com, missing that > there was another option. I think I've stopped using clien...
2020 Mar 02
4
Question about host key algorithms
$ ssh -Q HostKeyAlgorithms Unsupported query "HostKeyAlgorithms" $ ssh -V OpenSSH_7.4p1, OpenSSL 1.0.2u 20 Dec 2019 On Mon, Mar 2, 2020 at 2:24 PM Christian Hesse <list at eworm.de> wrote: > Luveh Keraph <1.41421 at gmail.com> on Mon, 2020/03/02 14:07: > > When I do ssh -Q key, where ssh is...
2020 Mar 02
3
Question about host key algorithms
...6 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-rsa-cert-v01 at openssh.com ssh-dss-cert-v01 at openssh.com ecdsa-sha2-nistp256-cert-v01 at openssh.com ecdsa-sha2-nistp384-cert-v01 at openssh.com ecdsa-sha2-nistp521-cert-v01 at openssh.com The thing is, one can invoke both client and server with -o HostKeyAlgorithms=rsa-sha2-256, or -o HostKeyAlgorithms=rsa-sha2-512, and everything's OK. Why is it that rsa-sha2-* are not displayed in the output above? In fact, no option to -Q elicits them, and they are not mentioned in the OpenSSH client and server man pages. Is this intentional?
2016 Dec 23
5
[Bug 2650] New: UpdateHostKeys ignores RSA keys if HostKeyAlgorithms=rsa-sha2-256
https://bugzilla.mindrot.org/show_bug.cgi?id=2650 Bug ID: 2650 Summary: UpdateHostKeys ignores RSA keys if HostKeyAlgorithms=rsa-sha2-256 Product: Portable OpenSSH Version: 7.4p1 Hardware: All OS: All Status: NEW Severity: trivial Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: aran...
2018 May 25
5
Strange crypto choices
The defaults for HostKeyAlgorithms option are: ecdsa-sha2-nistp256-cert-v01 at openssh.com, ecdsa-sha2-nistp384-cert-v01 at openssh.com, ecdsa-sha2-nistp521-cert-v01 at openssh.com, ssh-ed25519-cert-v01 at openssh.com, ssh-rsa-cert-v01 at openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, ssh-ed25519,ssh-rsa...
2020 May 03
10
[Bug 3157] New: known_hosts @cert-authority with legacy plain key entry drops incorrect set of HostKeyAlgorithms
https://bugzilla.mindrot.org/show_bug.cgi?id=3157 Bug ID: 3157 Summary: known_hosts @cert-authority with legacy plain key entry drops incorrect set of HostKeyAlgorithms Product: Portable OpenSSH Version: 8.1p1 Hardware: All OS: Mac OS X Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: paullkapp at...
2011 Jan 24
1
ECDSA and first connection; bug?
Folks, I read the 5.7 release announcement and updated, to try out ECDSA. Most parts worked very smoothly. The inability to create SSHFP records is understandable, since IANA haven't allocated a code yet. One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA. % ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on...
2018 May 27
2
Strange crypto choices
...is case? > > On Sun, May 27, 2018 at 5:09 AM, Damien Miller <djm at mindrot.org> wrote: > > On Sat, 26 May 2018, Christian Weisgerber wrote: > > > >> On 2018-05-25, Yegor Ievlev <koops1997 at gmail.com> wrote: > >> > >> > The defaults for HostKeyAlgorithms option are: [...] > >> > Why does OpenSSH prefer older and less secure > >> > (https://safecurves.cr.yp.to/) ECDSA with NIST curves over Ed25519? > >> > >> I asked Markus and Damien about this in the past but honestly don't > >> remember the a...
2020 Feb 06
3
Call for testing: OpenSSH 8.2
On 2020-02-06 at 13:28 +1100, Darren Tucker wrote: > Like this. > --- a/sshd_config.5 > +++ b/sshd_config.5 The ssh_config.5 also has a copy of this and presumably needs the same change, unless I've misunderstood. -Phil
2018 May 27
2
Strange crypto choices
On Mon, 28 May 2018, Yegor Ievlev wrote: > Can we prefer RSA to ECDSA? For example: > HostKeyAlgorithms > ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 not without a good reason
2003 May 07
1
Manual Page for ssh_config
Hello, I am using OpenSSH on a FreeBSD box (OpenSSH_3.5p1 FreeBSD-20030201, SSH protocols 1.5/2.0, OpenSSL 0x0090701f) and I noticed that the manual page for ssh_config probably needs to be fixed. The manual page says that the default value for the parameter HostKeyAlgorithms is "ssh-rsa,ssh-dss" but that seems to be wrong, because ssh only uses RSA-Keys in my .ssh/known_hosts if I explicitly set the parameter with "ssh-rsa,ssh-dss". If the parameter remains commented out, ssh doesn't use the already known RSA key: WARNING: RSA key found for h...
2018 Nov 01
8
[Bug 2924] New: Order a limited host keys list in client based on the known hosts
...enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 3198 --> https://bugzilla.mindrot.org/attachment.cgi?id=3198&action=edit possibility to order host keys in client The HostKeyAlgorithms option in the client has a difference from all the other algorithm limiting options that should be sorted according to the list of known hosts available. This works fine out of the box with default negotiated list, but when one tries to limit (or extend) the algorithm list to something else than d...
2013 May 07
2
SSH key exchange algorithm negotiation payload growth
...ding RFC 4253 sections 6.2 - 6.5 and section 7.1 as saying that implementations must be prepared to accept an arbitrary number of algorithms of each type during initial key exchange? When I was troubleshooting this issue I tried playing around with different combinations of -o KexAlgorithms and -o HostKeyAlgorithms at the command line. Are there other configuration parameters for the other name-lists during algorithm negotiation, e.g. encryption_algorithms_client_to_server, compression_algorithms_server_to_client, etc? Thanks in advance! Best, Kent
2018 May 27
2
Strange crypto choices
On Sat, 26 May 2018, Christian Weisgerber wrote: > On 2018-05-25, Yegor Ievlev <koops1997 at gmail.com> wrote: > > > The defaults for HostKeyAlgorithms option are: [...] > > Why does OpenSSH prefer older and less secure > > (https://safecurves.cr.yp.to/) ECDSA with NIST curves over Ed25519? > > I asked Markus and Damien about this in the past but honestly don't > remember the answer. Some of the potential reasons (lack...
2017 Jan 30
6
[Bug 2673] New: Multiple ssh keys for a given server
https://bugzilla.mindrot.org/show_bug.cgi?id=2673 Bug ID: 2673 Summary: Multiple ssh keys for a given server Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
...hanged and you have requested strict checking. Host key verification failed. The relevant part of my .ssh/config file is Host * IdentityFile ~/.ssh/id_ed25519 IdentityFile ~/.ssh/id_rsa The relevant part of my /etc/ssh/ssh_config is: Host * AddressFamily inet PubkeyAcceptedKeyTypes +ssh-dss HostKeyAlgorithms +ssh-dss - Ryan On Tue, Sep 15, 2020 at 11:25 PM Damien Miller <djm at mindrot.org> wrote: > > On Tue, 15 Sep 2020, Ryan Mulligan wrote: > > > Hello. > > > > I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows > > the server has ssh-rsa,...
2015 Aug 11
0
Announce: OpenSSH 7.0 released
...entication (previously it permitted keyboard-interactive and password-less authentication if those were enabled). New Features ------------ * ssh_config(5): add PubkeyAcceptedKeyTypes option to control which public key types are available for user authentication. * sshd_config(5): add HostKeyAlgorithms option to control which public key types are offered for host authentications. * ssh(1), sshd(8): extend Ciphers, MACs, KexAlgorithms, HostKeyAlgorithms, PubkeyAcceptedKeyTypes and HostbasedKeyTypes options to allow appending to the default set of algorithms instead of replacing it....
2020 Feb 23
4
Question about ssh-rsa deprecation notice (was: Announce: OpenSSH 8.2 released)
I am trying to understand the details of the deprecation notice. Because I am getting people asking me questions. And I don't know the answer. Therefore I am pushing the boulder uphill and asking here. :-) Damien Miller wrote: > Future deprecation notice > ========================= > > It is now possible[1] to perform chosen-prefix attacks against the > SHA-1 algorithm for
2016 Oct 26
2
[Bug 2631] New: Hostkey update and rotation - No IP entries added to known_hosts
...bugs at mindrot.org Reporter: lkinley at gmail.com When UpdateHostKeys=yes/ask, only hostname based entries are added to known_hosts file when learning new hostkeys. Shouldn't IP entries also be added? Consider the following scenario: User connects for the first time, specifying a HostKeyAlgorithms setting that is not first in the default list (rsa-sha2-256 in this case), HashKnownHosts=yes, and UpdateHostKeys=yes. Server sends key, it gets recorded in known_hosts both under the hostname and the IP. User authenticates and additional keys are learned and stored under only the hostname. A s...
2014 Apr 10
0
nistp256 preferred over ed25519
Hello, Maybe I'm asking an already answered question, if yes I'm sorry to bother you. Why in default HostKeyAlgorithms settings is ecdsa-sha2-nistp256-cert-v01 at openssh.com preferred over ssh-ed25519-cert-v01 at openssh.com ? For example in default settings for KexAlgorithms the curve25519-sha256 at libssh.org is preferred over ecdh-sha2-nistp256. Fedor Defaults in openssh-6.6p1 HostKeyAlgorithms ecdsa-sh...