Vincent Lefevre
2008-May-19 02:28 UTC
[Secure-testing-team] Bug#481860: openssh-server upgrade didn't remove all compromised keys from /etc/ssh
Package: openssh-server
Version: 1:4.7p1-10
Severity: grave
Tags: security
Justification: user security hole

When I upgraded openssh-server, ssh_host_dsa_key has been replaced because
it was compromised, but not ssh_host_rsa_key, but this one was compromised
too!

$ ll /etc/ssh
-rw-r--r-- 1 root root 2064867 2008-05-13 16:23:21 blacklist.DSA-1024
-rw-r--r-- 1 root root 2064867 2008-05-17 17:03:45 blacklist.RSA-1024
-rw-r--r-- 1 root root 2064867 2008-05-13 16:23:21 blacklist.RSA-2048
-rw-r--r-- 1 root root   88039 2003-05-01 15:29:57 moduli
-rw-r--r-- 1 root root    1595 2008-01-11 01:54:42 ssh_config
-rw------- 1 root root     668 2008-05-15 11:12:51 ssh_host_dsa_key
-rw------- 1 root root     668 2008-01-30 16:20:56 ssh_host_dsa_key.broken
-rw-r--r-- 1 root root     598 2008-05-15 11:12:51 ssh_host_dsa_key.pub
-rw-r--r-- 1 root root     602 2008-01-30 16:20:56 ssh_host_dsa_key.pub.broken
-rw------- 1 root root     883 2008-01-30 16:20:56 ssh_host_rsa_key
-rw-r--r-- 1 root root     222 2008-01-30 16:20:56 ssh_host_rsa_key.pub
-rw-r--r-- 1 root root   14274 2008-01-30 16:42:08 ssh_known_hosts
-rw-r--r-- 1 root root    1881 2008-04-17 15:30:22 sshd_config
-rw-r--r-- 1 root root    1873 2008-04-17 15:17:19 sshd_config~

$ for i in /etc/ssh/ssh_host_*pub*; echo $i && ssh-vulnkey $i
/etc/ssh/ssh_host_dsa_key.pub
Not blacklisted: 1024 5f:84:36:c0:a3:4f:86:a3:0e:7b:67:5f:71:4f:46:66 root@vin
/etc/ssh/ssh_host_dsa_key.pub.broken
COMPROMISED: 1024 00:9d:b1:dd:7b:93:6d:92:92:84:1a:19:61:28:cb:6a root@butanol
/etc/ssh/ssh_host_rsa_key.pub
COMPROMISED: 1024 6b:89:cd:4a:c4:f8:c8:b1:7d:60:25:6b:2a:05:af:42 root@butanol

As you can see, the old ssh_host_dsa_key was detected as compromised, thus
renamed as ssh_host_dsa_key.broken and regenerated, but nothing has been
done on the old compromised ssh_host_rsa_key key.

So, in short, openssh-server gave incorrect information about compromised
keys. Until now, I thought that all my keys were OK after the upgrade, but
this is now clearly not the case!
-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.24.5-20080423 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-server depends on:
ii  adduser                3.107             add and remove users and groups
ii  debconf [debconf-2.0]  1.5.22            Debian configuration management sy
ii  dpkg                   1.14.19           package maintenance system for Deb
ii  libc6                  2.7-11            GNU C Library: Shared libraries
ii  libcomerr2             1.40.8-2          common error description library
ii  libkrb53               1.6.dfsg.3-2      MIT Kerberos runtime libraries
ii  libpam-modules         0.99.7.1-6        Pluggable Authentication Modules f
ii  libpam-runtime         0.99.7.1-6        Runtime support for the PAM librar
ii  libpam0g               0.99.7.1-6        Pluggable Authentication Modules l
ii  libselinux1            2.0.59-1          SELinux shared libraries
ii  libssl0.9.8            0.9.8g-10         SSL shared libraries
ii  libwrap0               7.6.q-15          Wietse Venema's TCP wrappers libra
ii  lsb-base               3.2-12            Linux Standard Base 3.2 init scrip
ii  openssh-blacklist      0.2               list of default blacklisted OpenSS
ii  openssh-client         1:4.7p1-10        secure shell client, an rlogin/rsh
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

Versions of packages openssh-server recommends:
ii  xauth                  1:1.0.3-1         X authentication utility

-- debconf information:
* ssh/vulnerable_host_keys:
  ssh/new_config: true
* ssh/use_old_init_script: true
  ssh/encrypted_host_key_but_no_keygen:
  ssh/disable_cr_auth: false
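Since the package's own vulnerable_host_keys check in this report missed one of the two blacklisted host keys, the practical follow-up is to re-check every host key file (including ones the upgrade never touched, and any authorized_keys entries) against the blacklists directly rather than trusting the upgrade's summary. The script below is an added example written for this page; it is not part of the bug report, of ssh-vulnkey, or of the Debian openssh packages. It reimplements the lookup as I understand the openssh-blacklist file format (this is an assumption to verify against your own /etc/ssh/blacklist.* files): the MD5 fingerprint of the key blob is taken, its last 20 hex digits (the low 80 bits) are looked up in blacklist.<TYPE>-<BITS>, and lines starting with '#' are comments. The sample keys and blacklist contents are constructed inline with made-up numbers; the RSA-1024 entry is derived from the sample key's own fingerprint so that the COMPROMISED path runs offline. All function names are mine.

```python
"""Audit OpenSSH public keys against Debian-style key blacklists.

Added example, not code from the Debian openssh packages. Assumed format
(verify locally): /etc/ssh/blacklist.<TYPE>-<BITS> lists, one per line, the
last 20 hex digits of the MD5 fingerprint of each weak key; '#' starts a comment.
"""
import base64
import hashlib
import os
import struct

TYPE_NAMES = {"ssh-rsa": "RSA", "ssh-dss": "DSA"}


def _string(data):
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def _mpint(n):
    """SSH wire-format mpint for n >= 0 (leading 0x00 when the top bit is set)."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return _string(raw)


def _read_string(blob, off):
    (n,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + n], off + 4 + n


def key_info(pubkey_line):
    """Return (type_name, bits, md5_fingerprint) for one .pub / authorized_keys line."""
    fields = pubkey_line.split()
    if len(fields) < 2 or fields[0] not in TYPE_NAMES:
        raise ValueError("unsupported public key line: %r" % pubkey_line[:40])
    blob = base64.b64decode(fields[1])
    ktype, off = _read_string(blob, 0)
    if ktype.decode() != fields[0]:
        raise ValueError("key type inside blob does not match %r" % fields[0])
    mpints = []
    while off < len(blob):
        raw, off = _read_string(blob, off)
        mpints.append(int.from_bytes(raw, "big"))
    # Key size = length of the RSA modulus n (blob holds e, n) or the DSA prime p (p, q, g, y).
    size_int = mpints[1] if fields[0] == "ssh-rsa" else mpints[0]
    digest = hashlib.md5(blob).hexdigest()
    fingerprint = ":".join(digest[i:i + 2] for i in range(0, 32, 2))
    return TYPE_NAMES[fields[0]], size_int.bit_length(), fingerprint


def parse_blacklist(text):
    """Set of 20-hex-digit fingerprint suffixes from one blacklist file's text."""
    return {ln.strip() for ln in text.splitlines() if ln.strip() and not ln.startswith("#")}


def load_blacklists(directory="/etc/ssh"):
    """Map (TYPE, bits) -> entry set for every blacklist.* file in directory."""
    lists = {}
    for name in os.listdir(directory):
        if name.startswith("blacklist."):
            ktype, bits = name[len("blacklist."):].split("-", 1)
            with open(os.path.join(directory, name)) as fh:
                lists[(ktype, int(bits))] = parse_blacklist(fh.read())
    return lists


def check_key(pubkey_line, blacklists):
    """Classify one key with the same wording ssh-vulnkey uses in its report."""
    ktype, bits, fingerprint = key_info(pubkey_line)
    entries = blacklists.get((ktype, bits))
    suffix = fingerprint.replace(":", "")[-20:]
    if entries is None:
        status = "Unknown (no blacklist for %s-%d)" % (ktype, bits)
    elif suffix in entries:
        status = "COMPROMISED"
    else:
        status = "Not blacklisted"
    return status, ktype, bits, fingerprint


def audit(key_files, blacklists):
    """key_files: iterable of (path, file text). Every key line of every file is
    checked, so a key an upgrade skipped is reported on its own merits."""
    results = []
    for path, text in key_files:
        for line in text.splitlines():
            if line.strip() and not line.startswith("#"):
                status, ktype, bits, fp = check_key(line, blacklists)
                results.append((path, status, "%s-%d" % (ktype, bits), fp))
    return results


# Constructed sample keys: structurally valid blobs with made-up numbers, NOT real keys.
SAMPLE_RSA = "ssh-rsa " + base64.b64encode(
    _string(b"ssh-rsa") + _mpint(65537) + _mpint((1 << 1023) | 0x10001)).decode() + " constructed@example"
SAMPLE_DSA = "ssh-dss " + base64.b64encode(
    _string(b"ssh-dss") + _mpint((1 << 1023) | 1) + _mpint((1 << 159) | 1)
    + _mpint(2) + _mpint((1 << 1022) | 3)).decode() + " constructed@example"


def demo():
    """Constructed blacklists: the RSA-1024 entry is the sample RSA key's own suffix."""
    rsa_suffix = key_info(SAMPLE_RSA)[2].replace(":", "")[-20:]
    blacklists = {
        ("RSA", 1024): parse_blacklist("# constructed RSA-1024 blacklist\n" + rsa_suffix + "\n"),
        ("DSA", 1024): parse_blacklist("# constructed DSA-1024 blacklist\n00000000000000000000\n"),
    }
    return audit([("/etc/ssh/ssh_host_rsa_key.pub", SAMPLE_RSA),
                  ("/etc/ssh/ssh_host_dsa_key.pub", SAMPLE_DSA)], blacklists)


if __name__ == "__main__":
    import glob
    paths = glob.glob("/etc/ssh/ssh_host_*_key.pub*")  # same set as the report's *pub* loop
    if paths and glob.glob("/etc/ssh/blacklist.*"):
        rows = audit([(p, open(p).read()) for p in paths], load_blacklists())
    else:
        rows = demo()
    for path, status, kind, fp in rows:
        print("%-40s %s: %s %s" % (path, status, kind, fp))
```

Run on the host from the report, this would list ssh_host_rsa_key.pub as COMPROMISED regardless of what the upgrade did, because each file is checked by fingerprint and not by whether the package chose to rename it. A key that falls into the Unknown branch has no blacklist for its type and size installed, which is a gap in coverage, not a clean bill of health.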