On Sun, Jan 26, 2025 at 07:53:26PM +0200, Martin-Éric Racine wrote: > su 26.1.2025 klo 19.35 Daniel Baumann ([email protected]) kirjoitti: > > On 1/26/25 16:21, Colin Watson wrote: > > > 3072-bit RSA seems like a fine default at the moment, > > > and I expect that Debian will follow future changes made upstream. > > > > while I fully agree and don't think that the debian package should > > divert from upstream here, as an admin I do use different defaults for > > systems I maintain. > > > > From a config management point of view, this is very cumbersome as the > > postinst do re-create missing things/fallback to upstream defaults. > > > > To make it nicer for admins to locally deviate from the defaults.. how > > about internal preseed option(s) not shown to the user to select > > host-keys to be generated? Would you accept patches for this?
I'm wary of adding too much complexity there, but I'd at least consider such patches. > I have noticed this as well e.g. whenever Debian ships a new > openssh-server package, I've had to manually run the command shown on > the hardening guide to remove modulus below 3272-bit all over again. That's about DH moduli rather than host key sizes, right? That feels somewhat different, because we just ship upstream's moduli file as a conffile, so providing any debconf-style control over that would be very difficult to do in a policy-compliant way. (I'm also not sure what the compatibility implications are of dropping the smaller primes; I assume there must be some or upstream would probably have done it already ...) > For what it's worth, I fully agree with Colin that some of Joe Testa's > recommended hardening measures lack proper justification. Damien > Miller noticed the same thing, when I recently asked him to comment on > the recommendations. Are those comments somewhere public so that I can look at them? Thanks, -- Colin Watson (he/him) [[email protected]]
