[
https://issues.apache.org/jira/browse/SSHD-1216?focusedWorklogId=665829&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-665829
]
ASF GitHub Bot logged work on SSHD-1216:
----------------------------------------
Author: ASF GitHub Bot
Created on: 17/Oct/21 00:36
Start Date: 17/Oct/21 00:36
Worklog Time Spent: 10m
Work Description: tomaswolf opened a new pull request #204:
URL: https://github.com/apache/mina-sshd/pull/204
Provide a default implementation for the server-side SSH_MSG_EXT_INFO
message sending including the server-sig-algs KEX extension.[1]
A server that implements the rsa-sha2-512 or rsa-sha2-256 signature
algorithms should implement this extension, otherwise even clients that
also have these signature algorithms may fall back to ssh-rsa to avoid
authentication penalties.[2]
Apache MINA sshd servers by default do implement the SHA-2 RSA
signatures, and an Apache MINA sshd client by default does request KEX
extension information and does handle the server-sig-algs extension. So
an Apache MINA sshd server should by default implement this extension.
This implementation sends the server-sig-algs extension record once at
the end of the initial key exchange.
[1] https://tools.ietf.org/html/rfc8308
[2] https://tools.ietf.org/html/rfc8332#section-3.3
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 665829)
Time Spent: 20m (was: 10m)
> Implement RFC 8332 server-sig-algs on the server
> ------------------------------------------------
>
> Key: SSHD-1216
> URL: https://issues.apache.org/jira/browse/SSHD-1216
> Project: MINA SSHD
> Issue Type: Improvement
> Reporter: Ben Humphreys
> Assignee: Thomas Wolf
> Priority: Major
> Fix For: 2.7.1
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> In the recently released [OpenSSH
> 8.8|https://www.openssh.com/txt/release-8.8] for RSA keys the public key
> signature algorithm that depends on SHA-1 has been disabled by default:
> {quote}This release disables RSA signatures using the SHA-1 hash algorithm
> 2by default. This change has been made as the SHA-1 hash algorithm is
> cryptographically broken, and it is possible to create chosen-prefix 4hash
> collisions for <USD$50K [1]
> {quote}
> As a result OpenSSH 8.8 clients are unable to authenticate with Mina SSHD
> servers with RSA based keys (it is however possible to reenable ssh-rsa).
> OpenSSH since 7.2 does however support RFC 8332 RSA/SHA-256/512 signatures,
> indeed the release notes go on to say:
> {quote}
> For most users, this change should be invisible and there is no need to
> replace ssh-rsa keys. OpenSSH has supported RFC8332 RSA/SHA-256/512
> signatures since release 7.2 and existing ssh-rsa keys will automatically use
> the stronger algorithm where possible.
> {quote}
> It appears Mina SSHD partly implements support for RFC 8332, indeed the
> client code appears to support it (see SSHD-1141). However the server appears
> to lack full support because it doesn't full implement the"server-sig-algs"
> extension.
> The basic framework for supporting this seems to be present, specifically
> {{AbstractKexFactoryManager.setKexExtensionHandler()}} could perhaps permit
> such a "server-sig-algs" extension.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
