Bug 1010092 - enable RSAONLY by default
Product: Fedora
Classification: Fedora
Component: openssh
Assigned To: Petr Lautrbach
Fedora Extras Quality Assurance
Reported: 2013-09-19 20:03 EDT by Peter Backes
Modified: 2013-09-29 20:27 EDT (History)
Fixed In Version: openssh-6.2p2-8.fc20
Doc Type: Bug Fix
Last Closed: 2013-09-25 08:27:49 EDT
Type: Bug
Attachments
generate only RSA keys by default (1.05 KB, patch)
2013-09-20 11:29 EDT, Petr Lautrbach
Description Peter Backes 2013-09-19 20:03:22 EDT
Description of problem:
sshd-keygen by default generates three host keys, a DSA key, plus 2048 bit SSH1 and SSH2 RSA keys.

SSH DSA host keys have a mandatory key size of 1024 bits, which is rumored to be breakable for an adversary having sufficient resources and hence should not be considered secure anymore.

SSH1 has design flaws that make it insecure. It has thus long been disabled for sshd by default.

DSA and SSH1 host keys should hence not be generated anymore, to prevent their use.

Please ship /etc/sysconfig/sshd with AUTOCREATE_SERVER_KEYS=RSAONLY in the default configuration.

As a beneficial side effect, key generation will become faster, since only one key needs to be generated.

The Bullrun Briefing Sheet, published in the context of the Snowden affair, shows that the NSA considers ssh traffic as exploitable, so let's not hesitate to close the most obvious candidates for attack vectors.

Those who, for whatever reason, need a DSA host key can generate it by hand.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. install openssh-server
2. check /etc/ssh/*.pub

Actual results:
DSA 1024 bit keys and SSH1 RSA keys were generated in addition to an SSH2 RSA key.

Expected results:
Only an SSH2 RSA host key with 2048 bits is generated.
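The reproduction steps above amount to "look at /etc/ssh/*.pub and see which key types are there". The following POSIX shell script is an added example (not part of the bug report, the attached patch, or the openssh package) that automates that check from the defender's side: it classifies each host public key file as SSH2 RSA, SSH2 DSA, or SSH1 RSA by the format of its first line (SSH2 keys start with a key-type token such as `ssh-rsa` or `ssh-dss`; SSH1 RSA keys start with a decimal bit count), counts the DSA and SSH1 keys that this bug asks Fedora to stop generating, and verifies that a sysconfig file carries the requested `AUTOCREATE_SERVER_KEYS=RSAONLY` setting. Every function takes a path argument, so it can be pointed at the real `/etc/ssh` and `/etc/sysconfig/sshd`; the sample key files it creates under `mktemp -d` are constructed placeholders, not real key material.

```shell
#!/bin/sh
# Added example: audit sshd host public keys for DSA and SSH1-format keys,
# and check a sysconfig-style file for AUTOCREATE_SERVER_KEYS=RSAONLY.

# Classify one public key file by its first line:
#   "ssh-rsa ..."  -> SSH2 RSA,   "ssh-dss ..." -> SSH2 DSA,
#   "2048 65537 ..." (first field all digits) -> SSH1 RSA "bits exp mod" format.
classify_hostkey() {
    first=$(awk '{print $1; exit}' "$1")
    case "$first" in
        ssh-rsa)     echo rsa ;;
        ssh-dss)     echo dsa ;;
        ''|*[!0-9]*) echo unknown ;;   # empty file or unrecognised key-type token
        *)           echo ssh1-rsa ;;  # purely numeric first field: SSH1 layout
    esac
}

# Count the *.pub files in a directory that are DSA or SSH1 keys.
# Offending files go to stderr; the count alone goes to stdout.
count_weak_hostkeys() {
    n=0
    for f in "$1"/*.pub; do
        [ -f "$f" ] || continue
        case $(classify_hostkey "$f") in
            dsa|ssh1-rsa) echo "weak host key: $f" >&2; n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# Succeed (exit 0) only if the file has an uncommented
# AUTOCREATE_SERVER_KEYS=RSAONLY line, with or without double quotes.
rsaonly_configured() {
    grep -Eq '^[[:space:]]*AUTOCREATE_SERVER_KEYS="?RSAONLY"?[[:space:]]*$' "$1"
}

# --- constructed sample data (placeholder keys, not real key material) ---
make_sample_dir() {
    d=$(mktemp -d)
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCplaceholder root@host' > "$d/ssh_host_rsa_key.pub"
    echo 'ssh-dss AAAAB3NzaC1kc3MAAACBAPplaceholder root@host'         > "$d/ssh_host_dsa_key.pub"
    echo '2048 65537 1234567890123456789012345678901234567890 root@host' > "$d/ssh_host_key.pub"
    echo "$d"
}

make_sample_sysconfig() {
    f=$(mktemp)
    printf '%s\n' "$1" > "$f"
    echo "$f"
}

# Walk-through on the constructed samples; run as: sh audit.sh --demo
demo() {
    dir=$(make_sample_dir)
    for f in "$dir"/*.pub; do
        echo "$f: $(classify_hostkey "$f")"
    done
    echo "weak host keys found: $(count_weak_hostkeys "$dir")"
    cfg=$(make_sample_sysconfig 'AUTOCREATE_SERVER_KEYS=RSAONLY')
    if rsaonly_configured "$cfg"; then
        echo "$cfg: RSAONLY configured"
    else
        echo "$cfg: RSAONLY not configured"
    fi
    rm -rf "$dir" "$cfg"
}

if [ "${1:-}" = "--demo" ]; then
    demo
fi
```

On a host built before this fix, `count_weak_hostkeys /etc/ssh` reports 2 (the DSA key and the SSH1 key alongside the SSH2 RSA key); after the fix, or after removing those files by hand, it reports 0. The classifier deliberately keys on the key-type token rather than on file names, because sshd will happily load a DSA key from any path named in a `HostKey` directive.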
Comment 1 Petr Lautrbach 2013-09-20 11:29:56 EDT
Created attachment 800546 [details]
generate only RSA keys by default
Comment 2 Fedora Update System 2013-09-26 07:55:06 EDT
openssh-6.2p2-8.fc20 has been submitted as an update for Fedora 20.
Comment 3 Fedora Update System 2013-09-29 20:27:11 EDT
openssh-6.2p2-8.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.