Bug 1678661 - openssh: KexAlgorithms=curve25519-sha256 not compatible with DEFAULT profile
Summary: openssh: KexAlgorithms=curve25519-sha256 not compatible with DEFAULT profile
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: crypto-policies
Version: 8.0
Hardware: All
OS: Linux
Target Milestone: rc
: 8.1
Assignee: Tomas Mraz
QA Contact: Simo Sorce
Mirek Jahoda
Depends On: 1682515
TreeView+ depends on / blocked
Reported: 2019-02-19 10:44 UTC by Stanislav Zidek
Modified: 2020-11-14 14:56 UTC (History)
11 users (show)

Fixed In Version: crypto-policies-20190613-1.git21ffdc8.el8
Doc Type: Bug Fix
Doc Text:
.`curve25519-sha256` is now supported by default in OpenSSH Previously, the `curve25519-sha256` SSH key exchange algorithm was missing in the system-wide crypto policies configurations for the OpenSSH client and server even though it was compliant with the default policy level. As a consequence, if a client or a server used `curve25519-sha256` and this algorithm was not supported by the host, the connection might fail. This update of the `crypto-policies` package fixes the bug, and SSH connections no longer fail in the described scenario.
Clone Of:
Last Closed: 2019-11-05 22:33:24 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Gitlab redhat-crypto/fedora-crypto-policies/merge_requests/38/ 0 None None None 2019-02-19 10:45:41 UTC
Red Hat Product Errata RHBA-2019:3644 0 None None None 2019-11-05 22:33:40 UTC

Description Stanislav Zidek 2019-02-19 10:44:25 UTC
Description of problem:
curve25519-sha256 is not compatible with DEFAULT profile (and perhaps others)

Version-Release number of selected component (if applicable):
# rpm -q crypto-policies openssh

How reproducible:

Steps to Reproduce:
1. ssh -o KexAlgorithms=curve25519-sha256 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost

Actual results:
Unable to negotiate with ::1 port 22: no matching key exchange method found. Their offer: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1

Expected results:
Connects normally.

Additional info:
This is regression against RHEL-7, so we need to at least document it as known issue. Not a blocker material.

Comment 1 Tomas Mraz 2019-02-19 10:58:37 UTC
Mirek, can we document it as known issue in RHEL-8.0?
Do we need a separate bug for the documentation?

Comment 19 Simo Sorce 2019-07-08 16:23:25 UTC
Verify test runs in CI: https://baseos-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/ci-openstack/29584//console

[        ] T:       5 [-ciphers-in-practice-do-not-meet-the-stated] Running
[        ] 1562575727 [Setup                                      ] PASS Score: 0
[        ] 1562575728 [Test-available-ciphers                     ] PASS Score: 0
[        ] 1562575729 [Test-available-macs                        ] PASS Score: 0
[        ] 1562575730 [KEX-algorithms                             ] PASS Score: 0
[        ] 1562575731 [Key-types                                  ] PASS Score: 0
[        ] 1562575732 [Cleanup                                    ] PASS Score: 0
[        ] T:       5 [-ciphers-in-practice-do-not-meet-the-stated] Completed: PASS

Comment 22 errata-xmlrpc 2019-11-05 22:33:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.