From nobody Sun Dec 19 16:04:47 2021 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 06FE81905DD8; Sun, 19 Dec 2021 16:04:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JH6xC5RF2z3MN2; Sun, 19 Dec 2021 16:04:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9B1E9254BD; Sun, 19 Dec 2021 16:04:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BJG4lV6080897; Sun, 19 Dec 2021 16:04:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BJG4lJa080896; Sun, 19 Dec 2021 16:04:47 GMT (envelope-from git) Date: Sun, 19 Dec 2021 16:04:47 GMT Message-Id: <202112191604.1BJG4lJa080896@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 8c22023ca5e1 - main - ssh: disable RSA/SHA-1 signatures List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8c22023ca5e18d5e4b01b66cf5fae770f12253ad Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1639929887; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+OMaFtYtfD4KIzPjAfq4QbTCUzdjetiaucY2GN5OvpE=; b=tXPQ6SzU4sBvuyrMkkfPAjMHxQnlkDqR4kf7BsgxRi/1ND/jsObMx1Fzvc+hw/Wmcdcsa2 Mi9rldBpPsNxG7NhvTJMNVIxVMMtX9XvYGlg8nxYkwCXmeffiJnLAeGzdlAxVUk/pZQJ60 kZWZiRvpfMrQfPZ1ckj1ct2E3ZZPsbxx6wORsq5ibE6zjU0sUUSN9WlkVX7u67pGCGGpCc S4CL9Z1VvYNL3ghV05M8KmCxquRts83WuNdDbmIrSzNg8AJq0wb6NWDYWwDJk+BV87BxAt IZoXYIs61Wz+hFlA/k4VCmfmb6yKK3PMmLOqR+AudKfKENLbWrRt+BdZdD4FBA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1639929887; a=rsa-sha256; cv=none; b=AnqLSfJGhztf4jE8p52xr0ovq7nyP1TYxpjBR4OCMaiMRxeQoxslW1xeQ3RS7+cFxGcATL rH8N1Yh87IvbSBqTKEhy4THxgUXothJQrtlZWsVV7hRg+sFg7eyl5+qaV5aiFhhRuPw4L3 y/9UQtNvwgBMua8dxqA2/z/RrBYqTFBrj9anaK9sYyy9ayGqMVcGTxJNXX6aHpAsxZTZjd gG9R1LPYAdKtXxk8cK/wvffrMvTCoIfi4ot9rrzRAuUOxDAcNbLFSkgUVpS8cZB17CelTi g3BDu3g4Kz8F18THdBFqluWkuq5MXKkuDjIa3wMvnRuGdzioHC5ACgp85prS1g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=8c22023ca5e18d5e4b01b66cf5fae770f12253ad commit 8c22023ca5e18d5e4b01b66cf5fae770f12253ad Author: Ed Maste AuthorDate: 2021-12-19 02:51:01 +0000 Commit: Ed Maste CommitDate: 2021-12-19 16:03:45 +0000 ssh: disable RSA/SHA-1 signatures From OpenSSH 8.8p1's release notes: --- Potentially-incompatible changes ================================ This release disables RSA signatures using the SHA-1 hash algorithm by default. This change has been made as the SHA-1 hash algorithm is cryptographically broken, and it is possible to create chosen-prefix hash collisions for $OBJ/knownhosts_command << _EOF #!/bin/sh @@ -48,6 +50,6 @@ test "x\$1" = "x$keytype" || die "wrong keytype \$1 (expected $keytype)" test "x\$3" = "x$LOGNAME" || die "wrong username \$3 (expected $LOGNAME)" grep -- "\$1.*\$2" $OBJ/known_hosts _EOF - ${SSH} -F $OBJ/ssh_proxy -oHostKeyAlgorithms=$keytype x true || + ${SSH} -F $OBJ/ssh_proxy -oHostKeyAlgorithms=$algs x true || fail "ssh connect failed for keytype $x" done diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index d2ae7f282346..9682e352147d 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -882,12 +882,11 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -rsa-sha2-512,rsa-sha2-256,ssh-rsa +rsa-sha2-512,rsa-sha2-256 .Ed .Pp The @@ -929,12 +928,11 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com, -rsa-sha2-512,rsa-sha2-256,ssh-rsa +rsa-sha2-512,rsa-sha2-256 .Ed .Pp If hostkeys are known for the destination host then this default is modified @@ -1512,12 +1510,11 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, --ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -rsa-sha2-512,rsa-sha2-256,ssh-rsa +rsa-sha2-512,rsa-sha2-256 .Ed .Pp The list of available signature algorithms may also be obtained using