Re: [OT] HeartBleed bug

2014-04-09 Thread Ognjen Blagojevic

Chris,

On 9.4.2014 14:53, Christopher Schultz wrote:

My recommendation would be to treat everything OpenSSL touches as
tainted and re-key anyway.


[I will assume we are talking about OpenSSH implementation.]

That dependins of the definition of "what OpenSSL touches". OpenSSL 
consists of two libraries: libcrypto and libtls. OpenSSH implementation 
depends on OpenSSL package, but only to utilize primitive crypro 
functions from libcrypto library. Libtls library contains implementation 
of TLS protocol, including Heartbeat functionality, but OpenSSH does not 
utilize that library, AFAIK. Therefore, I stand by my earlier position 
-- no need to rekey SSH keys.


-Ognjen



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: [OT] HeartBleed bug

2014-04-09 Thread Robert Klemme
On Wed, Apr 9, 2014 at 2:53 PM, Christopher Schultz
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Ognjen,
>
> On 4/9/14, 3:30 AM, Ognjen Blagojevic wrote:
>> On 9.4.2014 9:49, André Warnier wrote:
>>> I wonder if I may ask this list-OT question to the SSH experts on
>>> the list :
>>>
>>> I run some 25 webservers (Apache httpd-only, Tomcat-only, or
>>> Apache httpd + Tomcat). I do not use HTTPS on any of them. But I
>>> use SSH (OpenSSH) to connect to them over the Internet for
>>> support purposes, with "authorized_keys" on the servers. Are my
>>> servers affected by this bug ? Or is this (mainly) an
>>> HTTPS-related affair ?
>>>
>>> I mean : I will update OpenSSH on all my servers anyway.  But do
>>> I have to consider that, with a non-negligible probability, the
>>> keys stored on my servers are already compromised ?
>>
>> This is OpenSSL 1.0.1--1.0.1f vulnerabilty, so any protocol using
>> OpenSSL implementation of TLS/SSL protocol (if OpenSSL libarary
>> version is in mentioned range) is vulnerable
>
> Not necessarily. SSH, for instance, does not utilize the "heartbeat"
> feature of SSL and so is theoretically safe. I suppose you could have
> used the same server key for both SSH and HTTPS, but that would have
> been pretty silly.

Isn't that exactly what Ognjen said? This quote of him was not
included in your email:

>> SSH protocol does not use TSL/SSL, so it is not vulnerable to Heartbleed bug.

> My recommendation would be to treat everything OpenSSL touches as
> tainted and re-key anyway.

That may be a costly recommendation because one might buy more new and
revoke more old certificates than necessary.

Cheers

robert


-- 
[guy, jim].each {|him| remember.him do |as, often| as.you_can - without end}
http://blog.rubybestpractices.com/

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: [OT] HeartBleed bug

2014-04-09 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Ognjen,

On 4/9/14, 3:30 AM, Ognjen Blagojevic wrote:
> On 9.4.2014 9:49, André Warnier wrote:
>> I wonder if I may ask this list-OT question to the SSH experts on
>> the list :
>> 
>> I run some 25 webservers (Apache httpd-only, Tomcat-only, or
>> Apache httpd + Tomcat). I do not use HTTPS on any of them. But I
>> use SSH (OpenSSH) to connect to them over the Internet for
>> support purposes, with "authorized_keys" on the servers. Are my
>> servers affected by this bug ? Or is this (mainly) an
>> HTTPS-related affair ?
>> 
>> I mean : I will update OpenSSH on all my servers anyway.  But do
>> I have to consider that, with a non-negligible probability, the
>> keys stored on my servers are already compromised ?
> 
> This is OpenSSL 1.0.1--1.0.1f vulnerabilty, so any protocol using 
> OpenSSL implementation of TLS/SSL protocol (if OpenSSL libarary
> version is in mentioned range) is vulnerable

Not necessarily. SSH, for instance, does not utilize the "heartbeat"
feature of SSL and so is theoretically safe. I suppose you could have
used the same server key for both SSH and HTTPS, but that would have
been pretty silly.

My recommendation would be to treat everything OpenSSL touches as
tainted and re-key anyway.

Here are some guides for re-keying your openssh servers:

Debian: https://wiki.debian.org/SSLkeys#OpenSSH_.28Server.29
Generic: http://www.softec.lu/site/DevelopersCorner/HowToRegenerateNewSsh

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTRULAAAoJEBzwKT+lPKRYwwYP/0HrBqKK14wZ9lbLLP8mPzS7
VW3DFmuUbEYtLaRsSiCoAm2Db4ip8GuDLF7QuHRcaPIjejf56vjtOHxzDuPTHs88
d9Wdl045XABbp9esp/yt0PERc3IpFp0aF5HIZ9PUYhq+wEedz29nuQDMgBq2tnhW
EhtTe5IbtvB/e0JCVHfmfrNZ28u3AqD9ymM8F2R3DlvkfEIK+H+iG+jXoYGGoalq
scuYEDcPKQfW1raA6S+Y3+88NGnOfZ9HY8nQexRXN02rU+MzxMUesArdsH6WLrVE
BD7/chXld2Wrtfk2pGpqx326NG2Or8knhsnYDx1N+uH1wi8Z+QTdUuhUUN6+yazh
vYazcYnHxFYMj8TGrEPETa+FbNuok/z1C78ZqfehOfAZ1hxoATq9d8T7vE6C2rCQ
ONc8962Umu1jtNKrtWZUly1G4Bb4SJvRxxTfZif4A6mxipxSUJXBo6DIBdn1ETJB
nogCE+YxXXb9DtmjQRGhuu4vuyA/DoNlEPmkjDjGDiBPcloxGIdsinz9zx1Rk7S0
9Z82sNpsZDztFe/Z1/VZ8jrnhaKHO03saR33XdWthBHna0nOiJ1TBhGFeuPE82kK
Esz79QArjv9237Xf/MMatO1jXA85cqqzILy43hD/jo4dxT+8c0aE/X7nq5ekfUEF
9CfbNtwi/7eQPrjsnZg6
=rb8D
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: [OT] HeartBleed bug

2014-04-09 Thread André Warnier

Ognjen Blagojevic wrote:

André,

On 9.4.2014 9:49, André Warnier wrote:

I wonder if I may ask this list-OT question to the SSH experts on the
list :

I run some 25 webservers (Apache httpd-only, Tomcat-only, or Apache
httpd + Tomcat).
I do not use HTTPS on any of them.
But I use SSH (OpenSSH) to connect to them over the Internet for support
purposes, with "authorized_keys" on the servers.
Are my servers affected by this bug ?
Or is this (mainly) an HTTPS-related affair ?

I mean : I will update OpenSSH on all my servers anyway.  But do I have
to consider that, with a non-negligible probability, the keys stored on
my servers are already compromised ?


This is OpenSSL 1.0.1--1.0.1f vulnerabilty, so any protocol using 
OpenSSL implementation of TLS/SSL protocol (if OpenSSL libarary version 
is in mentioned range) is vulnerable, like: STARTTLS extension for 
protocols like SMTP, POP, IMAP, XMPP, FTP, LDAP, NNTP, and also other 
protocols which uss TLS/SSL like SSL VPN, and HTTPS.


SSH protocol does not use TSL/SSL, so it is not vulnerable to Heartbleed 
bug.


-Ognjen



Thanks for clarifying for this SSH/SSL near-dummy.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: [OT] HeartBleed bug

2014-04-09 Thread Ognjen Blagojevic

André,

On 9.4.2014 9:49, André Warnier wrote:

I wonder if I may ask this list-OT question to the SSH experts on the
list :

I run some 25 webservers (Apache httpd-only, Tomcat-only, or Apache
httpd + Tomcat).
I do not use HTTPS on any of them.
But I use SSH (OpenSSH) to connect to them over the Internet for support
purposes, with "authorized_keys" on the servers.
Are my servers affected by this bug ?
Or is this (mainly) an HTTPS-related affair ?

I mean : I will update OpenSSH on all my servers anyway.  But do I have
to consider that, with a non-negligible probability, the keys stored on
my servers are already compromised ?


This is OpenSSL 1.0.1--1.0.1f vulnerabilty, so any protocol using 
OpenSSL implementation of TLS/SSL protocol (if OpenSSL libarary version 
is in mentioned range) is vulnerable, like: STARTTLS extension for 
protocols like SMTP, POP, IMAP, XMPP, FTP, LDAP, NNTP, and also other 
protocols which uss TLS/SSL like SSL VPN, and HTTPS.


SSH protocol does not use TSL/SSL, so it is not vulnerable to Heartbleed 
bug.


-Ognjen


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org