[Bug 2041] New: Check for SSHFP when certificate is offered.
https://bugzilla.mindrot.org/show_bug.cgi?id=2041

Priority: P5
Bug ID: 2041
Assignee: unassigned-b...@mindrot.org
Summary: Check for SSHFP when certificate is offered.
Severity: enhancement
Classification: Unclassified
OS: All
Reporter: ond...@caletka.cz
Hardware: All
Status: NEW
Version: 6.1p1
Component: ssh
Product: Portable OpenSSH

Created attachment 2185 --> https://bugzilla.mindrot.org/attachment.cgi?id=2185&action=edit
Check for SSHFP when certificate is offered.

When sshd offers a certificate to the client (which is the default when such a certificate is configured), the client refuses to do an SSHFP validation for the key embedded in the certificate. This patch fixes this by dropping the certificate for the purpose of checking SSHFP records, yet retaining the certificate for other checks if SSHFP authentication fails. It is therefore possible to fall back to certificate authentication when, for instance, the client does not have DNSSEC-enabled connectivity.

--
You are receiving this mail because: You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2040] Downgrade attack vulnerability when checking SSHFP records
https://bugzilla.mindrot.org/show_bug.cgi?id=2040

--- Comment #2 from Ondřej Caletka ---

(In reply to comment #1)
> Created attachment 2184 [details]
> Handle future digest types correctly
>
> When testing, I also found out that when a SSHFP record for the host
> uses digest type other than SHA1 or SHA256, the SSHFP check fails
> even if SHA1 or SHA256 matches the offered host key.
>
> This patch changes this behavior to ignore future digest types.

Feel free to test it using:

ssh -vv -o VerifyHostKeyDNS=yes -o HostKeyAlgorithms=ecdsa-sha2-nistp521 sshfp-test-newdigest.oskarcz.net
[Bug 2040] Downgrade attack vulnerability when checking SSHFP records
https://bugzilla.mindrot.org/show_bug.cgi?id=2040

--- Comment #1 from Ondřej Caletka ---

Created attachment 2184 --> https://bugzilla.mindrot.org/attachment.cgi?id=2184&action=edit
Handle future digest types correctly

When testing, I also found out that when an SSHFP record for the host uses a digest type other than SHA1 or SHA256, the SSHFP check fails even if SHA1 or SHA256 matches the offered host key.

This patch changes this behavior to ignore future digest types.
[Bug 2040] New: Downgrade attack vulnerability when checking SSHFP records
https://bugzilla.mindrot.org/show_bug.cgi?id=2040

Priority: P5
Bug ID: 2040
Assignee: unassigned-b...@mindrot.org
Summary: Downgrade attack vulnerability when checking SSHFP records
Severity: minor
Classification: Unclassified
OS: All
Reporter: ond...@caletka.cz
Hardware: All
Status: NEW
Version: 6.1p1
Component: ssh
Product: Portable OpenSSH

Created attachment 2183 --> https://bugzilla.mindrot.org/attachment.cgi?id=2183&action=edit
Fix downgrade attack vulnerability in handling SSHFP records

To quote RFC 6594, section 4.1.:

> Secure Shell implementations that support SHA-256 fingerprints MUST prefer a
> SHA-256 fingerprint over SHA-1 if both are available for a server. If the
> SHA-256 fingerprint is tested and does not match the SSH public key received
> from the SSH server, then the key MUST be rejected rather than testing the
> alternative SHA-1 fingerprint.

The current version of SSH does not conform to this requirement. The attached patch fixes this issue. It can be tested using this command:

$ ssh -vv -o HostKeyAlgorithms=ecdsa-sha2-nistp521 -o VerifyHostKeyDNS=yes sshfp-test-downgrade.oskarcz.net

(The SSHFP records with SHA-256 digests for hostname sshfp-test-downgrade.oskarcz.net are intentionally altered.)
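As an added illustration of the two bug 2040 reports (not code from the attached patches or from OpenSSH), the following models the SSHFP matching step: a pre-patch version that behaves as the reports describe (accepts on any matching record, aborts on an unknown digest type) beside one that follows the RFC 6594 section 4.1 rule (ignore unknown types, prefer SHA-256, never fall back to SHA-1 after a SHA-256 mismatch). The host key blob and the SSHFP records are constructed sample values, not real DNS data.

```python
import hashlib
from typing import Iterable, NamedTuple

SSHFP_SHA1, SSHFP_SHA256 = 1, 2  # SSHFP fingerprint types (RFC 4255 / RFC 6594)
KNOWN_FPTYPES = {SSHFP_SHA1: hashlib.sha1, SSHFP_SHA256: hashlib.sha256}

class SSHFP(NamedTuple):
    algorithm: int      # SSHFP key algorithm: 1 RSA, 2 DSA, 3 ECDSA, 4 Ed25519
    fptype: int         # fingerprint type; values above 2 are "future" types
    fingerprint: bytes  # raw digest bytes as stored in the record

def verify_downgradeable(key_alg: int, key_blob: bytes, records: Iterable[SSHFP]) -> bool:
    """Model of the behaviour the bug reports describe (not OpenSSH's code):
    any record of any digest type that matches is accepted, so a tampered SHA-256
    record is ignored when a SHA-1 record matches, and an unknown digest type
    makes the whole lookup fail."""
    for rec in records:
        if rec.algorithm != key_alg:
            continue
        if rec.fptype not in KNOWN_FPTYPES:
            return False  # cannot compute this digest -> treated as an error
        if KNOWN_FPTYPES[rec.fptype](key_blob).digest() == rec.fingerprint:
            return True
    return False

def verify_rfc6594(key_alg: int, key_blob: bytes, records: Iterable[SSHFP]) -> bool:
    """RFC 6594 s4.1: skip unknown digest types, test only the strongest type
    present, and reject on mismatch instead of falling back to a weaker one."""
    usable = [r for r in records if r.algorithm == key_alg and r.fptype in KNOWN_FPTYPES]
    if not usable:
        return False
    strongest = max(r.fptype for r in usable)  # SHA-256 (2) outranks SHA-1 (1)
    digest = KNOWN_FPTYPES[strongest](key_blob).digest()
    return any(r.fingerprint == digest for r in usable if r.fptype == strongest)

def demo() -> dict:
    key_blob = b"constructed-ecdsa-host-key-blob"  # stands in for the wire-format key
    sha1 = hashlib.sha1(key_blob).digest()
    sha256 = hashlib.sha256(key_blob).digest()
    tampered = bytes(b ^ 0xFF for b in sha256)    # altered SHA-256 record (bug 2040)
    downgrade = [SSHFP(3, SSHFP_SHA256, tampered), SSHFP(3, SSHFP_SHA1, sha1)]
    future = [SSHFP(3, 7, b"\x00" * 32), SSHFP(3, SSHFP_SHA256, sha256)]  # comment #1
    return {
        "downgrade_old": verify_downgradeable(3, key_blob, downgrade),  # True (bad)
        "downgrade_new": verify_rfc6594(3, key_blob, downgrade),        # False
        "future_old": verify_downgradeable(3, key_blob, future),        # False (bad)
        "future_new": verify_rfc6594(3, key_blob, future),              # True
    }
```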