FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Infrastructure

 
 
LinkBack Thread Tools
 
Old 08-24-2008, 01:36 PM
Axel Thimm
 
Default Please restore ssh-dsa (was: cvs: Permission denied (publickey).)

> On Sat, Aug 23, 2008 at 04:37:13PM -0500, Jeffrey Ollie wrote:
> > The primary reason is that it's nearly impossible to tell if the key
> > was generated on a Debian system with the compromised OpenSSL
> > versions.

OK, I checked and it is far from impossible. After all the bug was
that there are only 32k possible keys per arch/size/type - Debian has
even issued blacklists for all keys of typical und some untypical
sizes like 1024/2048/1023/2047/4096/8192 and for some sizes they even
packaged it up, see

http://packages.debian.org/unstable/main/openssh-blacklist
http://packages.debian.org/unstable/main/openssh-blacklist-extra

If there is paranoia floating around, then why not use that blacklist
in Fedora/RHEL as well instead of nuking all DSA keys and still
allowing the bad RSA keys?

And if your are really paranoic then one can package up these
blacklists for general use by Fedora/RHEL's openssh. I don't know if
openssh has a blacklist-reject ability already coded in, though.
--
Axel.Thimm at ATrpms.net
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
 
Old 08-24-2008, 03:34 PM
"Stephen John Smoogen"
 
Default Please restore ssh-dsa (was: cvs: Permission denied (publickey).)

2008/8/24 Axel Thimm <Axel.Thimm@atrpms.net>:
> On Sat, Aug 23, 2008 at 04:37:13PM -0500, Jeffrey Ollie wrote:
>> 2008/8/23 Axel Thimm <Axel.Thimm@atrpms.net>:
>> > On Sat, Aug 23, 2008 at 04:06:07PM -0500, Jeffrey Ollie wrote:
>> >> 2008/8/23 Axel Thimm <Axel.Thimm@atrpms.net>:
>> >> >
>> >> > I saw that some people are using CVS again, so I tried as well, but I
>> >> > got:
>> >> >
>> >> > athimm@devel(1012):/home/.../smart/devel$ cvs up
>> >> > Permission denied (publickey).
>> >> > cvs [update aborted]: end of file from server (consult above messages if any)
>> >> >
>> >> > I have a new FAS password, all certs updated, I even checked the cvs
>> >> > procedures for newbies on fpo, but I had no luck. What am I doing
>> >> > wrong?
>> >>
>> >> Did you upload a new SSH public key?
>> >
>> > It won't let me:
>> >
>> > Error!
>> >
>> > The following error(s) have occured with your request:
>> >
>> > * ssh_key: Error - Not a valid RSA SSH key: ssh-dss ...
>> >
>> > Have DSA keys now been banned?
>>
>> Yes.
>>
>> > Why?
>>
>> The primary reason is that it's nearly impossible to tell if the key
>> was generated on a Debian system with the compromised OpenSSL
>> versions.
>
> That's overreacting. What happens if Gentoo makes a similar mistake
> with RSA keys, will we ban them, too? DSA is a decent technology.
>

No because RSA doesn't leak information into your public key nor does
it rely on the 'random' secret key to the same extent. Th


>> I've heard rumblings that DSA keys are weaker for other reasons, but
>> I've not seen any good explanations.
>
> Hearsay, your honour! On the contrary, I've heard that DSA gathers at
> 1024 bits at least as much entropy as RSA with 2048, and DSA was the
> recommended "new" algorithm half a decade ago. Currently RSA and DSA
> are equal up.
>

I take your hearsay, and counter with my hearsay that DSA will be
replaced next year with DSA2 which can use 4 bits of entropy and be as
secure as 4096 RSA.





--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
 
Old 08-24-2008, 03:39 PM
"Stephen John Smoogen"
 
Default Please restore ssh-dsa (was: cvs: Permission denied (publickey).)

2008/8/24 Axel Thimm <Axel.Thimm@atrpms.net>:
>> On Sat, Aug 23, 2008 at 04:37:13PM -0500, Jeffrey Ollie wrote:
>> > The primary reason is that it's nearly impossible to tell if the key
>> > was generated on a Debian system with the compromised OpenSSL
>> > versions.
>
> OK, I checked and it is far from impossible. After all the bug was
> that there are only 32k possible keys per arch/size/type - Debian has
> even issued blacklists for all keys of typical und some untypical
> sizes like 1024/2048/1023/2047/4096/8192 and for some sizes they even
> packaged it up, see
>
> http://packages.debian.org/unstable/main/openssh-blacklist
> http://packages.debian.org/unstable/main/openssh-blacklist-extra
>
> If there is paranoia floating around, then why not use that blacklist
> in Fedora/RHEL as well instead of nuking all DSA keys and still
> allowing the bad RSA keys?
>

All RSA keys were nuked too.

> And if your are really paranoic then one can package up these
> blacklists for general use by Fedora/RHEL's openssh. I don't know if
> openssh has a blacklist-reject ability already coded in, though.

No it does not.



--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
 
Old 08-24-2008, 03:43 PM
Axel Thimm
 
Default Please restore ssh-dsa (was: cvs: Permission denied (publickey).)

On Sun, Aug 24, 2008 at 09:34:36AM -0600, Stephen John Smoogen wrote:
> >> > * ssh_key: Error - Not a valid RSA SSH key: ssh-dss ...
> >> >
> >> > Have DSA keys now been banned?
> >>
> >> Yes.
> >>
> >> > Why?
> >>
> >> The primary reason is that it's nearly impossible to tell if the key
> >> was generated on a Debian system with the compromised OpenSSL
> >> versions.
> >
> > That's overreacting. What happens if Gentoo makes a similar mistake
> > with RSA keys, will we ban them, too? DSA is a decent technology.
>
> No because RSA doesn't leak information into your public key nor does
> it rely on the 'random' secret key to the same extent. Th

Your mixing different issues: What you are referring to is using a
good DSA key from a bad host. The context above was about the DSA/RSA
keys generated in the bad two year window. Both DSA and RSA from that
time frame are equally predictable.

> >> I've heard rumblings that DSA keys are weaker for other reasons, but
> >> I've not seen any good explanations.
> >
> > Hearsay, your honour! On the contrary, I've heard that DSA gathers at
> > 1024 bits at least as much entropy as RSA with 2048, and DSA was the
> > recommended "new" algorithm half a decade ago. Currently RSA and DSA
> > are equal up.
>
> I take your hearsay, and counter with my hearsay that DSA will be
> replaced next year with DSA2 which can use 4 bits of entropy and be as
> secure as 4096 RSA.

Cool, then let the hearsays determine our processes.
--
Axel.Thimm at ATrpms.net
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
 
Old 08-24-2008, 04:19 PM
"Stephen John Smoogen"
 
Default Please restore ssh-dsa (was: cvs: Permission denied (publickey).)

2008/8/24 Axel Thimm <Axel.Thimm@atrpms.net>:
> On Sun, Aug 24, 2008 at 09:34:36AM -0600, Stephen John Smoogen wrote:
>> >> > * ssh_key: Error - Not a valid RSA SSH key: ssh-dss ...
>> >> >
>> >> > Have DSA keys now been banned?
>> >>
>> >> Yes.
>> >>
>> >> > Why?
>> >>
>> >> The primary reason is that it's nearly impossible to tell if the key
>> >> was generated on a Debian system with the compromised OpenSSL
>> >> versions.
>> >
>> > That's overreacting. What happens if Gentoo makes a similar mistake
>> > with RSA keys, will we ban them, too? DSA is a decent technology.
>>
>> No because RSA doesn't leak information into your public key nor does
>> it rely on the 'random' secret key to the same extent. Th
>
> Your mixing different issues: What you are referring to is using a
> good DSA key from a bad host. The context above was about the DSA/RSA
> keys generated in the bad two year window. Both DSA and RSA from that
> time frame are equally predictable.

You wanted to know about other weaknesses in the DSA string. I wrote
it in the wrong spot. In the end, it is easier to audit bad RSA over
DSA and having one set to look for in case of another bad OpenSSL is
easier on the volunteer admins to deal with.

>> >> I've heard rumblings that DSA keys are weaker for other reasons, but
>> >> I've not seen any good explanations.
>> >
>> > Hearsay, your honour! On the contrary, I've heard that DSA gathers at
>> > 1024 bits at least as much entropy as RSA with 2048, and DSA was the
>> > recommended "new" algorithm half a decade ago. Currently RSA and DSA
>> > are equal up.
>>
>> I take your hearsay, and counter with my hearsay that DSA will be
>> replaced next year with DSA2 which can use 4 bits of entropy and be as
>> secure as 4096 RSA.
>
> Cool, then let the hearsays determine our processes.

Ok lets turn off the sarcasm.. I am sorry I started it.



--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
 

Thread Tools




All times are GMT. The time now is 02:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org