Bug 1010092

Summary: enable RSAONLY by default
Product: [Fedora] Fedora Reporter: Peter Backes <rtc>
Component: opensshAssignee: Petr Lautrbach <plautrba>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: mattias.ellert, mgrepl, plautrba, tmraz
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssh-6.2p2-8.fc20 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-25 12:27:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
generate only RSA keys by default none

Description Peter Backes 2013-09-20 00:03:22 UTC 
Description of problem:
sshd-keygen by default generates three host keys, a DSA key, plus 2048 bit SSH1 and SSH2 RSA keys.

SSH DSA host keys have a mandatory key size of 1024 bits, which is rumored to be breakable for an adversary having sufficient ressources and hence should not be considered as secure anymore.

SSH1 has design flaws that make it insecure. It has thus long been disabled for sshd by default.

DSA and SSH1 host keys should hence not be generated anymore, to prevent their use.

Please ship /etc/sysconfig/sshd with AUTOCREATE_SERVER_KEYS=RSAONLY in the default configuration.

As a beneficial side effect, the key generation will becomes faster, since only one key needs to be generated.

The Bullrun Briefing Sheet, published in the context of the Snowden affair, shows that the NSA considers ssh traffic as exploitable, so let's not hesistante to close the most obvious candidates for attack vectors.

Those who, for whatever reason, need a DSA host key can generate it by hand.

Version-Release number of selected component (if applicable):
openssh-server-6.2p2-5.fc19.i686

How reproducible:
always

Steps to Reproduce:
1. install openssh-server
2. check /etc/ssh/*.pub

Actual results:
DSA 1024 bit keys and SSH1 RSA keys were generated in addition to a SSH2 RSA key.

Expected results:
Only a SSH2 RSA host key with 2048 bits is generated.
Comment 1 Petr Lautrbach 2013-09-20 15:29:56 UTC 
Created attachment 800546 [details]
generate only RSA keys by default
Comment 2 Fedora Update System 2013-09-26 11:55:06 UTC 
openssh-6.2p2-8.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/openssh-6.2p2-8.fc20
Comment 3 Fedora Update System 2013-09-30 00:27:11 UTC 
openssh-6.2p2-8.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.