Package: openssh
Severity: normal
Tags: patch
Dear Maintainer,
As per RFC 8732, gss-group14-sha1- and gss-gex-sha1- are considered
deprecated and should not be used [1].
Should we consider removing them from the default algorithms list?
I am proposing the attached patch to drop those algorithms in Ubuntu.
[1] https://www.rfc-editor.org/rfc/rfc8732#name-deprecated-algorithms
--
Athos Ribeiro
--- a/ssh-gss.h
+++ b/ssh-gss.h
@@ -80,9 +80,7 @@
KEX_GSS_GRP14_SHA256_ID "," \
KEX_GSS_GRP16_SHA512_ID "," \
KEX_GSS_NISTP256_SHA256_ID "," \
- KEX_GSS_C25519_SHA256_ID "," \
- KEX_GSS_GRP14_SHA1_ID "," \
- KEX_GSS_GEX_SHA1_ID
+ KEX_GSS_C25519_SHA256_ID
typedef struct {
char *filename;
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -1065,7 +1065,7 @@
.Ed
.Pp
The default is
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256-,gss-gex-sha1-,gss-group14-sha1- .
+.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256- .
This option only applies to connections using GSSAPI.
.It Cm HashKnownHosts
Indicates that
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -815,7 +815,7 @@
.Ed
.Pp
The default is
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256-,gss-gex-sha1-,gss-group14-sha1- .
+.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256- .
This option only applies to connections using GSSAPI.
.It Cm HostbasedAcceptedAlgorithms
Specifies the signature algorithms that will be accepted for hostbased
