** Description changed: + [Impact] + Since version 2013.56, dropbear has supported the hmac-sha2-256 and hmac-sha2-512 MAC algorithms, but they are disabled by default. According to the dropbear changelog, enabling them is a matter of uncommenting the following two lines in options.h: - /*#define DROPBEAR_SHA2_256_HMAC*/ - /*#define DROPBEAR_SHA2_512_HMAC*/ + /*#define DROPBEAR_SHA2_256_HMAC*/ + /*#define DROPBEAR_SHA2_512_HMAC*/ Due to recent NSA revelations, some people are recommending users disable certain algorithms. If the recommendations at <https://stribika.github.io/2015/01/04/secure-secure-shell.html> are followed, there are no MAC algorithms left that dropbear supports unless hmac-sha2-256 and hmac-sha2-512 are enabled. + + [Test Case] + + Setup steps: + 1. install dropbear and openssh-client: + sudo apt-get install dropbear openssh-client + 2. if you have openssh-server installed, stop it: + sudo service ssh stop + 3. make sure that the dropbear service is enabled by editing + /etc/default/dropbear and setting the NO_START variable to 0 like + this: + NO_START=0 + 4. start the dropbear service: + sudo service dropbear start + + Test steps: + 5. try the hmac-sha2-256 MAC: + ssh -o UserKnownHostsFile=/dev/null \ + -o MACs=hmac-sha2-256 localhost + 6. try the hmac-sha2-512 MAC: + ssh -o UserKnownHostsFile=/dev/null \ + -o MACs=hmac-sha2-512 localhost + + Cleanup steps: + 7. stop the dropbear service: + sudo service dropbear stop + 8. if you edited /etc/default/dropbear to enable the dropbear + service, disable it again by editing /etc/default/dropbear and + setting the NO_START variable to 1 like this: + NO_START=1 + 9. if you stopped the OpenSSH server, restart it: + sudo service ssh start + + [Regression Potential] + + * Due to being disabled by default upstream, the implementations of + the new MAC algorithms are probably not as well tested as the old + MAC algorithms. This may increase the likelihood of compatibility + or security bugs. + * SSH clients are likely to prefer the new MAC algorithms over the + old MAC algorithms. If either the client or server has an + implementation bug, the ability to connect may be impaired unless + the user configures the client to disallow the new algorithms or + prefer the old algorithms (e.g., via the ssh_config "MACs" + directive in OpenSSH). + * The new MAC algorithms may negatively impact performance.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1409798 Title: enable hmac-sha2-256, hmac-sha2-512 MAC algorithms To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1409798/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs