[Bug 2040] Downgrade attack vulnerability when checking SSHFP records

bugzilla-daemon Thu, 06 Sep 2012 23:48:41 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=2040


Ondřej Caletka <ond...@caletka.cz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2183|0                           |1
        is obsolete|                            |

--- Comment #4 from Ondřej Caletka <ond...@caletka.cz> ---
Created attachment 2188
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2188&action=edit
Fix downgrade attack vulnerability in handling SSHFP records

I realized that only fingerprints for same key algorithm as sshd
offered should be counted as found. Otherwise, it would reject SHA-1
SSHFP only because there is a SHA-256 SSHFP for another key algorithm.

As usual, testcase is here, having only SHA-1 SSHFP for RSA Host key:
$ ./ssh -vv -o HostKeyAlgorithms=ssh-rsa -o VerifyHostKeyDNS=yes
sshfp-test-downgrade.oskarcz.net

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2040] Downgrade attack vulnerability when checking SSHFP records

Reply via email to