Re: Deprecating RSA ssh host keys in 16
- In reply to: Shawn Webb : "Re: Deprecating RSA ssh host keys in 16"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 24 Sep 2024 19:20:11 UTC
On Tue, Sep 24, 2024 at 07:16:04PM UTC, Shawn Webb wrote: > On Tue, Sep 24, 2024 at 06:41:00PM UTC, Colin Percival wrote: > > Hi all, > > > > Last week I turned off RSA host key generation for SSH in EC2 instances, > > because (a) modern SSH clients support ecdsa and ed25519 keys, and (b) > > generating RSA host keys was taking over 10% of the boot time when EC2 > > instances booted for the first time. > > > > I don't think we should turn off RSA host key generation in general in > > 15.x since for non-VM/cloud images the first boot time is less relevant > > (if you're installing from an ISO image, the installer will take far > > longer than the host key generation) but I think it would make sense to > > deprecate RSA host keys in 15 and then turn them off by default in 16. > > > > I'm not sure if there's any good way to announce the deprecation beyond > > putting it into the release notes; we could print a warning in 15 when > > RSA host keys are generated, but that will always fire regardless of > > whether they're being *used* and I don't think there's any practical way > > to warn specifically when RSA host keys are *used*. So unless I'm > > missing something, the deprecation would just take the form of a few lines > > in the release notes. > > > > Thoughts? > > With commit e3f33c64ec168a48038309af0c237eda86d10c74[1], introduced on > 14 Nov 2024, HardenedBSD has disabled the generation of RSA host keys > by default. Whoops, time travel hasn't been invented yet. (Or so we think? ;-P) That would be 14 Nov 2023. > > We haven't seen any reports of any breakage. While the change might be > considered a POLA violation, it seems pretty harmless on today's > 15-CURRENT systems. > > We have a number of 15-CURRENT users, though we don't have any hard > data, and likely pales in comparison to the FreeBSD side--enough so > that the sample is too small to be a significant or reliable data > point. > > I have this commit taged as MFC-able, though I haven't MFC'd just yet. > It completely spaced my mind and I'll likely MFC shortly after sending > this email. > > [1]: https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/commit/e3f33c64ec168a48038309af0c237eda86d10c74 > > Thanks, > > -- > Shawn Webb > Cofounder / Security Engineer > HardenedBSD > > Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc -- Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc