With the upcoming deprecation of ssh-rsa I was trying to see what keys my version of OpenSSH (7.8p1) supports. I noticed that "ssh -Q key" does not actually list the suggested algorithms to transition to (rsa-sha2-256 and rsa-sha2-512) even though they are supported.

Looking through the code, it looks like an issue with the arguments passed to sshkey_alg_list in ssh.c, where it should be as below:

        case 'Q':
                cp = NULL;
                if (strcmp(optarg, "cipher") == 0)
                        cp = cipher_alg_list('\n', 0);
                else if (strcmp(optarg, "cipher-auth") == 0)
                        cp = cipher_alg_list('\n', 1);
                else if (strcmp(optarg, "mac") == 0)
                        cp = mac_alg_list('\n');
                else if (strcmp(optarg, "kex") == 0)
                        cp = kex_alg_list('\n');
                else if (strcmp(optarg, "key") == 0)
-                       cp = sshkey_alg_list(0, 0, 0, '\n');
+                       cp = sshkey_alg_list(0, 0, 1, '\n');

Is that right? I validated that the same code exists in HEAD as of this morning.

If so, it should be a pretty simple bugfix I would be happy to make, or to let someone else from the dev team make if they have a spare moment. It's totally a minor quality-of-life issue for understanding supported algorithms compared to the other threads I saw about corner cases where the rsa-sha2 family of algos is not used during negotiation, but I can understand how this happens. The sshkey_alg_list call has the first 2 flags be excluding bools (set it to true to limit things) whereas the third one is an inclusive bool (set it to true to include things).

To close, love openssh, love the work the team does, just doing some minor nitpicking :-)

Cheers,
Ethan
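Review bot: the one-line change to the "key" case would alter the meaning of "-Q key" rather than fix a bug: with the third argument set to 1 the query would report signature algorithm names (rsa-sha2-256, rsa-sha2-512) mixed in with key formats, since, as the message itself explains, the third flag is the inclusive one. The replies in this thread point out that "-Q sig" already lists the signature algorithms and that this is documented in the man page, so the call `cp = sshkey_alg_list(0, 0, 0, '\n');` should stay as it is; if the concern is discoverability, the smaller change is a cross-reference from the "-Q key" description to "sig" in the ssh(1) man page.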
On 2020-06-01, Ethan Rahn <ethan.rahn at gmail.com> wrote:

> With the upcoming deprecation of ssh-rsa I was trying to see what keys my
> version of OpenSSH ( 7.8p1 ) supports. I noticed that "ssh -Q key" does not
> actually list the suggested algorithms to transition to ( rsa-sha2-256 and
> rsa-sha2-512 ) even though they are supported.

"-Q key" lists the supported key formats. For the signature algorithms, you want "-Q sig". This is documented in the man page.

-- 
Christian "naddy" Weisgerber                          naddy at mips.inka.de
On Tue, 2 Jun 2020 at 06:12, Christian Weisgerber <naddy at mips.inka.de> wrote:

> On 2020-06-01, Ethan Rahn <ethan.rahn at gmail.com> wrote:
>
> > With the upcoming deprecation of ssh-rsa I was trying to see what keys my
> > version of OpenSSH ( 7.8p1 ) supports. I noticed that "ssh -Q key" does not
> > actually list the suggested algorithms to transition to ( rsa-sha2-256 and
> > rsa-sha2-512 ) even though they are supported.
>
> "-Q key" are the supported key formats. For the signature algorithms,
> you want "-Q sig". This is documented in the man page.

In addition, from version 8.2 ssh -Q will also accept ssh_config keywords and emit the formats or algorithms accepted by that keyword, e.g.

    $ ssh -V
    OpenSSH_8.2p1, OpenSSL 1.1.1g FIPS  21 Apr 2020
    $ ssh -Q PubkeyAcceptedKeyTypes
    [...]
    ssh-rsa
    rsa-sha2-256
    rsa-sha2-512
    [...]

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
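The distinction the replies draw, "-Q key" for key formats versus "-Q sig" for signature algorithms, is easy to check mechanically. The script below is an added example and not code from the thread or from OpenSSH; it works on constructed sample listings that mimic the shape of `ssh -Q` output (the sample lists are assumptions and are not claimed to be complete), so it runs offline, and it optionally queries the local ssh if one is installed. It reports whether both rsa-sha2 algorithms appear in a listing and which names show up only in the signature list.

```shell
#!/bin/sh
# Added example (not from the thread or from OpenSSH). Checks an `ssh -Q`
# style listing for the rsa-sha2 signature algorithms and shows which names
# are signature algorithms rather than key formats.

# Constructed sample listings, shaped like `ssh -Q key` and `ssh -Q sig`
# output; they are illustrative, not a complete list of any release.
SAMPLE_KEY_LIST='ssh-ed25519
ecdsa-sha2-nistp256
ssh-rsa'

SAMPLE_SIG_LIST='ssh-ed25519
ecdsa-sha2-nistp256
ssh-rsa
rsa-sha2-256
rsa-sha2-512'

# has_alg LIST NAME: succeeds when NAME is a whole line of LIST
# (-x whole line, -F fixed string so dots in names are not regex).
has_alg() {
    printf '%s\n' "$1" | grep -qxF -- "$2"
}

# rsa_sha2_status LIST: prints "ok" when both rsa-sha2-256 and
# rsa-sha2-512 are listed, "partial" when only one is, "missing" otherwise.
rsa_sha2_status() {
    n=0
    has_alg "$1" rsa-sha2-256 && n=$((n + 1))
    has_alg "$1" rsa-sha2-512 && n=$((n + 1))
    case $n in
        2) echo ok ;;
        1) echo partial ;;
        *) echo missing ;;
    esac
}

# sig_only KEY_LIST SIG_LIST: prints the names present in SIG_LIST but not
# in KEY_LIST, i.e. the signature algorithms that are not key formats.
sig_only() {
    printf '%s\n' "$2" | while IFS= read -r name; do
        [ -n "$name" ] || continue
        has_alg "$1" "$name" || printf '%s\n' "$name"
    done
}

# live_sig_list: the real signature algorithm list from the local OpenSSH
# when an ssh binary is available; prints nothing otherwise. On releases
# that accept ssh_config keywords, `ssh -Q PubkeyAcceptedKeyTypes` gives
# the equivalent per-keyword view described in the thread.
live_sig_list() {
    command -v ssh >/dev/null 2>&1 || return 0
    ssh -Q sig 2>/dev/null || true
}

echo "sample sig list: $(rsa_sha2_status "$SAMPLE_SIG_LIST")"
echo "sample key list: $(rsa_sha2_status "$SAMPLE_KEY_LIST")"
echo "signature-only names in sample:"
sig_only "$SAMPLE_KEY_LIST" "$SAMPLE_SIG_LIST"
echo "local ssh -Q sig: $(rsa_sha2_status "$(live_sig_list)")"
```

Run as `sh check-sig-algs.sh`; the "local ssh" line reports "missing" on a host without ssh in PATH, which is why the sample-based lines are the ones to rely on when exercising the logic itself.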
On 1 June 2020 22:04:43 CEST, Christian Weisgerber <naddy at mips.inka.de> wrote:

> "-Q key" are the supported key formats. For the signature algorithms,
> you want "-Q sig". This is documented in the man page.

Listed starting from which version? The latest man page referenced online, https://man.openbsd.org/sshd_config, doesn't show it, right?

Btw, you are referring to https://man.openbsd.org/sshd_config#CASignatureAlgorithms, right?

Thanks,
Daniele