Re: Dropbear 2020.79
On Wed, 17 Jun 2020 at 13:19, I wrote: > Apologies if I'm being obtuse; with newer version of openssh client the > new dropbear won't accept rsa keys: > Just to update the list in case anyone else hits the same problem I did, the issue was caused by running an out-of-date version of Pageant (the PuTTY authentication agent). As you were. Geoff >
Re: Dropbear 2020.79
On Mon, 15 Jun 2020 at 16:52, Matt Johnston wrote: > This release also supports rsa-sha2 signatures which will be > required by OpenSSH in the near future - rsa with sha1 will > be disabled. This doesn't require any change to > hostkey/authorized_keys files. > Apologies if I'm being obtuse; with newer version of openssh client the new dropbear won't accept rsa keys: ssh -v root@172.22.232.152 -p OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 [snip] debug1: Next authentication method: publickey debug1: Offering RSA public key: rsa-key-20180607 debug1: *Server accepts key: pkalg rsa-sha2-256 blen 277* Authentication failed. but with older versions it does: ssh -v root@172.22.232.152 -p OpenSSH_5.8p2, OpenSSL 0.9.8o 01 Jun 2010 [snip] debug1: Offering RSA public key: rsa-key-20180607 debug1: *Server accepts key: pkalg ssh-rsa blen 277* debug1: Authentication succeeded (publickey). Is there a config option I'm missing? Thanks Geoff
Re: "Bad public key options" (Was: Dropbear 2020.79)
> On Tue 16/6/2020, at 9:58 am, Guilhem Moulin wrote: >> - […] x11 forwarding are now disabled by default. > > I have no opinion about disabling this at compile-time, however the > current implementation locks out (“Bad public key options”) users with > ‘no-X11-forwarding’ in their authorized_keys(5) files. Thanks, I'll apply that and organise a bug fix release (waiting to see if there are an other immediate regressions). For Debian I think it might be worth keeping x11 forwarding enabled. I disabled x11 forwarding because most embedded platforms (Dropbear's most common usecase (?)) wouldn't have any use for it. On a general distro it can be useful. Cheers, Matt
Re: Dropbear 2020.79
There are various examples at https://github.com/fabriziobertocci/dropbear-epka Cheers, Matt > On Wed 17/6/2020, at 6:38 pm, Hans Harder wrote: > > Does anybody have an example of the external public-key authentication api > Sounds interesting, but I am not sure how to use this... > > thx > Hans > > On Mon, Jun 15, 2020 at 5:53 PM Matt Johnston <mailto:m...@ucc.asn.au>> wrote: > Hi all, > > Dropbear 2020.79 is now released. Particular thanks to Vladislav Grishenko > for adding ed25519 and chacha20-poly1305 support which have > been wanted for a while. > > This release also supports rsa-sha2 signatures which will be > required by OpenSSH in the near future - rsa with sha1 will > be disabled. This doesn't require any change to > hostkey/authorized_keys files. > > Required versions of libtomcrypt and libtommath have been > increased, if the system library is older Dropbear can use > its own bundled copy. > > As usual downloads are at > https://matt.ucc.asn.au/dropbear/dropbear.html > <https://matt.ucc.asn.au/dropbear/dropbear.html> > https://mirror.dropbear.nl/mirror/dropbear.html > <https://mirror.dropbear.nl/mirror/dropbear.html> > > Cheers, > Matt > > 2020.79 - 15 June 2020 > > - Support ed25519 hostkeys and authorized_keys, many thanks to Vladislav > Grishenko. > This also replaces curve25519 with a TweetNaCl implementation that reduces > code size. > > - Add chacha20-poly1305 authenticated cipher. This will perform faster than > AES > on many platforms. Thanks to Vladislav Grishenko > > - Support using rsa-sha2 signatures. No changes are needed to > hostkeys/authorized_keys > entries, existing RSA keys can be used with the new signature format > (signatures > are ephemeral within a session). Old ssh-rsa signatures will no longer > be supported by OpenSSH in future so upgrading is recommended. > > - Use getrandom() call on Linux to ensure sufficient entropy has been > gathered at startup. > Dropbear now avoids reading from the random source at startup, instead > waiting until > the first connection. It is possible that some platforms were running > without enough > entropy previously, those could potentially block at first boot generating > host keys. > The dropbear "-R" option is one way to avoid that. > > - Upgrade libtomcrypt to 1.18.2 and libtommath to 1.2.0, many thanks to > Steffen Jaeckel for > updating Dropbear to use the current API. Dropbear's configure script will > check > for sufficient system library versions, otherwise using the bundled > versions. > > - CBC ciphers, 3DES, hmac-sha1-96, and x11 forwarding are now disabled by > default. > They can be set in localoptions.h if required. > Blowfish has been removed. > > - Support AES GCM, patch from Vladislav Grishenko. This is disabled by > default, > Dropbear doesn't currently use hardware accelerated AES. > > - Added an API for specifying user public keys as an authorized_keys > replacement. > See pubkeyapi.h for details, thanks to Fabrizio Bertocci > > - Fix idle detection clashing with keepalives, thanks to jcmathews > > - Include IP addresses in more early exit messages making it easier for > fail2ban > processing. Patch from Kevin Darbyshire-Bryant > > - scp fix for CVE-2018-20685 where a server could modify name of output files > > - SSH_ORIGINAL_COMMAND is set for "dropbear -c" forced command too > > - Fix writing key files on systems without hard links, from Matt Robinson > > - Compatibility fixes for IRIX from Kazuo Kuroi > > - Re-enable printing MOTD by default, was lost moving from options.h. Thanks > to zciendor > > - Call fsync() is called on parent directory when writing key files to ensure > they are flushed > > - Fix "make install" for manpages in out-of-tree builds, from Gabor Z. Papp > > - Some notes are added in DEVELOPER.md >
Re: Dropbear 2020.79
Does anybody have an example of the external public-key authentication api Sounds interesting, but I am not sure how to use this... thx Hans On Mon, Jun 15, 2020 at 5:53 PM Matt Johnston wrote: > Hi all, > > Dropbear 2020.79 is now released. Particular thanks to Vladislav Grishenko > for adding ed25519 and chacha20-poly1305 support which have > been wanted for a while. > > This release also supports rsa-sha2 signatures which will be > required by OpenSSH in the near future - rsa with sha1 will > be disabled. This doesn't require any change to > hostkey/authorized_keys files. > > Required versions of libtomcrypt and libtommath have been > increased, if the system library is older Dropbear can use > its own bundled copy. > > As usual downloads are at > https://matt.ucc.asn.au/dropbear/dropbear.html > https://mirror.dropbear.nl/mirror/dropbear.html > > Cheers, > Matt > > 2020.79 - 15 June 2020 > > - Support ed25519 hostkeys and authorized_keys, many thanks to Vladislav > Grishenko. > This also replaces curve25519 with a TweetNaCl implementation that > reduces code size. > > - Add chacha20-poly1305 authenticated cipher. This will perform faster > than AES > on many platforms. Thanks to Vladislav Grishenko > > - Support using rsa-sha2 signatures. No changes are needed to > hostkeys/authorized_keys > entries, existing RSA keys can be used with the new signature format > (signatures > are ephemeral within a session). Old ssh-rsa signatures will no longer > be supported by OpenSSH in future so upgrading is recommended. > > - Use getrandom() call on Linux to ensure sufficient entropy has been > gathered at startup. > Dropbear now avoids reading from the random source at startup, instead > waiting until > the first connection. It is possible that some platforms were running > without enough > entropy previously, those could potentially block at first boot > generating host keys. > The dropbear "-R" option is one way to avoid that. > > - Upgrade libtomcrypt to 1.18.2 and libtommath to 1.2.0, many thanks to > Steffen Jaeckel for > updating Dropbear to use the current API. Dropbear's configure script > will check > for sufficient system library versions, otherwise using the bundled > versions. > > - CBC ciphers, 3DES, hmac-sha1-96, and x11 forwarding are now disabled by > default. > They can be set in localoptions.h if required. > Blowfish has been removed. > > - Support AES GCM, patch from Vladislav Grishenko. This is disabled by > default, > Dropbear doesn't currently use hardware accelerated AES. > > - Added an API for specifying user public keys as an authorized_keys > replacement. > See pubkeyapi.h for details, thanks to Fabrizio Bertocci > > - Fix idle detection clashing with keepalives, thanks to jcmathews > > - Include IP addresses in more early exit messages making it easier for > fail2ban > processing. Patch from Kevin Darbyshire-Bryant > > - scp fix for CVE-2018-20685 where a server could modify name of output > files > > - SSH_ORIGINAL_COMMAND is set for "dropbear -c" forced command too > > - Fix writing key files on systems without hard links, from Matt Robinson > > - Compatibility fixes for IRIX from Kazuo Kuroi > > - Re-enable printing MOTD by default, was lost moving from options.h. > Thanks to zciendor > > - Call fsync() is called on parent directory when writing key files to > ensure they are flushed > > - Fix "make install" for manpages in out-of-tree builds, from Gabor Z. Papp > > - Some notes are added in DEVELOPER.md > >
Re: "Bad public key options" (Was: Dropbear 2020.79)
Hi Matt, On Mon, 15 Jun 2020 at 23:52:51 +0800, Matt Johnston wrote: > Dropbear 2020.79 is now released. \o/ congrats! > - […] x11 forwarding are now disabled by default. I have no opinion about disabling this at compile-time, however the current implementation locks out (“Bad public key options”) users with ‘no-X11-forwarding’ in their authorized_keys(5) files. Wouldn't it make sense to move the #ifdefs to make the option a no-op instead? (Same thing for ‘no-agent-forwarding’ actually.) Attached is the patch I applied to “fix” the regression in the Debian package. Cheers -- Guilhem. From: Guilhem Moulin Date: Tue, 16 Jun 2020 00:32:28 +0200 Subject: Don't choke on disabled authorized_keys(5) options As of 2020.79 X11 forwarding is disabled at build time, which could lock out users with authorized_keys(5) files containing ‘no-X11-forwarding’ options. --- svr-authpubkeyoptions.c |8 1 file changed, 4 insertions(+), 4 deletions(-) --- a/svr-authpubkeyoptions.c +++ b/svr-authpubkeyoptions.c @@ -147,20 +147,20 @@ int svr_add_pubkey_options(buffer *optio ses.authstate.pubkey_options->no_port_forwarding_flag = 1; goto next_option; } -#if DROPBEAR_SVR_AGENTFWD if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) { +#if DROPBEAR_SVR_AGENTFWD dropbear_log(LOG_WARNING, "Agent forwarding disabled."); ses.authstate.pubkey_options->no_agent_forwarding_flag = 1; +#endif goto next_option; } -#endif -#if DROPBEAR_X11FWD if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) { +#if DROPBEAR_X11FWD dropbear_log(LOG_WARNING, "X11 forwarding disabled."); ses.authstate.pubkey_options->no_x11_forwarding_flag = 1; +#endif goto next_option; } -#endif if (match_option(options_buf, "no-pty") == DROPBEAR_SUCCESS) { dropbear_log(LOG_WARNING, "Pty allocation disabled."); ses.authstate.pubkey_options->no_pty_flag = 1; signature.asc Description: PGP signature
Dropbear 2020.79
Hi all, Dropbear 2020.79 is now released. Particular thanks to Vladislav Grishenko for adding ed25519 and chacha20-poly1305 support which have been wanted for a while. This release also supports rsa-sha2 signatures which will be required by OpenSSH in the near future - rsa with sha1 will be disabled. This doesn't require any change to hostkey/authorized_keys files. Required versions of libtomcrypt and libtommath have been increased, if the system library is older Dropbear can use its own bundled copy. As usual downloads are at https://matt.ucc.asn.au/dropbear/dropbear.html https://mirror.dropbear.nl/mirror/dropbear.html Cheers, Matt 2020.79 - 15 June 2020 - Support ed25519 hostkeys and authorized_keys, many thanks to Vladislav Grishenko. This also replaces curve25519 with a TweetNaCl implementation that reduces code size. - Add chacha20-poly1305 authenticated cipher. This will perform faster than AES on many platforms. Thanks to Vladislav Grishenko - Support using rsa-sha2 signatures. No changes are needed to hostkeys/authorized_keys entries, existing RSA keys can be used with the new signature format (signatures are ephemeral within a session). Old ssh-rsa signatures will no longer be supported by OpenSSH in future so upgrading is recommended. - Use getrandom() call on Linux to ensure sufficient entropy has been gathered at startup. Dropbear now avoids reading from the random source at startup, instead waiting until the first connection. It is possible that some platforms were running without enough entropy previously, those could potentially block at first boot generating host keys. The dropbear "-R" option is one way to avoid that. - Upgrade libtomcrypt to 1.18.2 and libtommath to 1.2.0, many thanks to Steffen Jaeckel for updating Dropbear to use the current API. Dropbear's configure script will check for sufficient system library versions, otherwise using the bundled versions. - CBC ciphers, 3DES, hmac-sha1-96, and x11 forwarding are now disabled by default. They can be set in localoptions.h if required. Blowfish has been removed. - Support AES GCM, patch from Vladislav Grishenko. This is disabled by default, Dropbear doesn't currently use hardware accelerated AES. - Added an API for specifying user public keys as an authorized_keys replacement. See pubkeyapi.h for details, thanks to Fabrizio Bertocci - Fix idle detection clashing with keepalives, thanks to jcmathews - Include IP addresses in more early exit messages making it easier for fail2ban processing. Patch from Kevin Darbyshire-Bryant - scp fix for CVE-2018-20685 where a server could modify name of output files - SSH_ORIGINAL_COMMAND is set for "dropbear -c" forced command too - Fix writing key files on systems without hard links, from Matt Robinson - Compatibility fixes for IRIX from Kazuo Kuroi - Re-enable printing MOTD by default, was lost moving from options.h. Thanks to zciendor - Call fsync() is called on parent directory when writing key files to ensure they are flushed - Fix "make install" for manpages in out-of-tree builds, from Gabor Z. Papp - Some notes are added in DEVELOPER.md