There is currently no known way to generate a private key that would match your private key hash, faster than brute force, and MD5 still provides adequate protection against brute-force attacks.
While nobody should be designing new protocols using MD5 just because there is no reason to use a hash algorithm that has *any* known weaknesses, its known weaknesses are not relevant to this application. A method is known to generate two pieces of data with the same MD5 hash. This isn't the same thing as saying that a method is known to generate a piece of data with any given MD5 hash, or the same MD5 hash as another piece of data. On 31 August 2025 11:40:12 CEST, Dan Mahoney via NANOG <[email protected]> wrote: >Randy, > >Something else I recently discovered that relates to this issue: > >I think there’s a serious flaw in the way ssh key hashes are done on IOS. >I’ve been in touch with Cisco CSIRT about it, and they’ve approved >publication, but in short, if you’re using pubkey auth to a cisco device, you >might want to rethink it. > >Short version: Unlike normal pubkeys, IOS only stores an md5 hash of your key >to auth against, and you can thus use any key that matches that hash. Which >an attacker now has. > >https://gushi.medium.com/what-i-learned-from-configuring-ssh-pubkey-auth-on-cisco-ios-cbeb1e5b3b77 > >(should not be paywalled, email me privately if it is) > >> On Aug 30, 2025, at 11:30, Randy Bush via NANOG <[email protected]> >> wrote: >> >> a fellow nanogger wrote: >> >>> I've only *just* gotten to the note from a week or more ago. >>> >>>> + tftp-server nvram:startup-config <<<<<<====== >>>> snmp-server community foo 98 >>>> snmp-server trap-source Vlan1 >>>> snmp-server location Ashburn VA US >>> >>> I, too, got this from a RANCID setup I built a long time ago. >>> >>>> and here is the talos report, thanks joe >>>> >>>> https://blog.talosintelligence.com/static-tundra/ >>>> >>>> set `no vstack` in config. no, that is not the default. >>> >>> I'd told the owner that I didn't think he had control of his gear >>> anymore, but this helped me to convince him to put a new switch in. >> >> moving this to nanog because i did not elaborate on a critical point. >> >> when you get this, presume the config of this trivial ancient devic has >> been snatched. did the device have any burned in users, a la >> >> username foo privilege 15 password 7 bar >> >> and that uid/pass is used on other, presumably more modern, devices, >> you need to change the passwords everywhere. >> >> same for other credentials, snmp, bgpmd5, ... >> >> randy >> _______________________________________________ >> NANOG mailing list >> https://lists.nanog.org/archives/list/[email protected]/message/HJ64BOPTJ75K3EX5AEHR4E4LW5OZEEQG/ > >_______________________________________________ >NANOG mailing list >https://lists.nanog.org/archives/list/[email protected]/message/FKCDTX5WO74LJBAE5DDNDBW3V7J76AB7/ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/FNXYQDBG4MCJOV4Y2GSJFT4HLHFAOA6U/
