shellhub: change RSA SSH key generation to AES256 #1315

Closed

henrybarreto
Member

Currently, Shellhub uses RSA SHA1 for SSH connections. This commit
changes the hashing algorithm from the default, SHA1, to AES256.

With the update of OpenSSH to version `8.8`, the RSA SHA1 key was deprecated,
so connections from clients on this version need an extra parameter to
connect.

```
This release disables RSA signatures using the SHA-1 hash algorithm
by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K [1]
```

https://www.openssh.com/txt/release-8.8

@henrybarreto henrybarreto marked this pull request as draft October 1, 2021 04:04

henrybarreto commented Oct 1, 2021

https://www.openssh.com/txt/release-8.8

As the changelog from OpenSSH 8.8 says, and it took me a while to understand, ssh-rsa using SHA-1 was deprecated at once, but the key compatibilities haven't changed.

> This release disables RSA signatures using the SHA-1 hash algorithm
> by default. This change has been made as the SHA-1 hash algorithm is
> cryptographically broken, and it is possible to create chosen-prefix
> hash collisions for <USD$50K [1]

I guess it means that we need our server to have support for RSA SHA-2, but the package we use, or its dependencies, does not implement it.

If the system implements an old version of the protocol, extra configuration would be needed for it to work:

```bash
-oHostKeyAlgorithms=+ssh-rsa
```

As an example:

```bash
ssh -oHostKeyAlgorithms=+ssh-rsa [email protected]@localhost
```

> Incompatibility is more likely when connecting to older SSH
> implementations that have not been upgraded or have not closely tracked
> improvements in the SSH protocol. For these cases, it may be necessary
> to selectively re-enable RSA/SHA1 to allow connection and/or user
> authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
> options. For example, the following stanza in ~/.ssh/config will enable
> RSA/SHA1 for host and user authentication for a single destination host:

Some articles with a good explanation:

@henrybarreto henrybarreto added go Pull requests that update Go code and removed kind/feature New feature or request status/require-tests do-not-merge labels Oct 1, 2021
@henrybarreto henrybarreto deleted the fix/sshKeyGenerationAES256 branch December 22, 2021 11:57
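
The point made in the comment above, that the SHA-1 signature algorithm was disabled while the RSA key itself stays usable, shown as an added example that is not part of this pull request or of ShellHub's code. It uses only the Go standard library and signs raw bytes rather than SSH wire messages; the `accepted` set is a hypothetical stand-in for the peer's `HostKeyAlgorithms` list, and the algorithm names follow RFC 8332.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha1" // blank imports link the hashes used through crypto.Hash
	_ "crypto/sha256"
	"fmt"
)

// hashes: SSH RSA signature algorithm name -> hash; one RSA key serves both.
var hashes = map[string]crypto.Hash{"ssh-rsa": crypto.SHA1, "rsa-sha2-256": crypto.SHA256}

// NewKey generates a throwaway 2048-bit RSA key for the demonstration.
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func digest(h crypto.Hash, data []byte) []byte {
	d := h.New()
	d.Write(data)
	return d.Sum(nil)
}

// Sign signs data with key under the named signature algorithm.
func Sign(key *rsa.PrivateKey, alg string, data []byte) ([]byte, error) {
	h, ok := hashes[alg]
	if !ok {
		return nil, fmt.Errorf("unknown signature algorithm %q", alg)
	}
	return rsa.SignPKCS1v15(rand.Reader, key, h, digest(h, data))
}

// Verify models the peer: an algorithm outside its accepted set is refused outright.
func Verify(pub *rsa.PublicKey, accepted map[string]bool, alg string, data, sig []byte) error {
	h, ok := hashes[alg]
	if !ok || !accepted[alg] {
		return fmt.Errorf("signature algorithm %q not accepted", alg)
	}
	return rsa.VerifyPKCS1v15(pub, h, digest(h, data), sig)
}

func main() {
	key, err := NewKey()
	if err != nil {
		panic(err)
	}
	sig, _ := Sign(key, "ssh-rsa", []byte("demo")) // known name, so no error
	fmt.Println(Verify(&key.PublicKey, map[string]bool{"rsa-sha2-256": true}, "ssh-rsa", []byte("demo"), sig))
}
```

A peer that adds `ssh-rsa` back to its accepted set verifies the same SHA-1 signature successfully, which is what `-oHostKeyAlgorithms=+ssh-rsa` does on the client side.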