Bonjour,
David Ponzone, le mar. 03 sept. 2024 14:13:11 +0200, a ecrit:
Est-ce quelqu’un a remarqué qu’une mise à jour récente d’OpenSSH sur Debian 12 (durant les 2/3 derniers mois) a littéralement torpillé les connexions depuis des vieux SSH (Debian 4, oui je sais, mais on fait pas toujours ce qu’on veut sur du legacy) et a torpillé les connexions avec auth par pubkey depuis Debian8 ?
Oui, c'est documenté dans le fichier /usr/share/doc/openssh-client/NEWS.Debian.gz
OpenSSH 8.8 includes a number of changes that may affect existing configurations:
* This release disables RSA signatures using the SHA-1 hash algorithm by default. This change has been made as the SHA-1 hash algorithm is cryptographically broken, and it is possible to create chosen-prefix hash collisions for <USD$50K.
For most users, this change should be invisible and there is no need to replace ssh-rsa keys. OpenSSH has supported RFC8332 RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys will automatically use the stronger algorithm where possible.
Incompatibility is more likely when connecting to older SSH implementations that have not been upgraded or have not closely tracked improvements in the SSH protocol. For these cases, it may be necessary to selectively re-enable RSA/SHA1 to allow connection and/or user authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms options. For example, the following stanza in ~/.ssh/config will enable RSA/SHA1 for host and user authentication for a single destination host:
Host old-host HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa
We recommend enabling RSA/SHA1 only as a stopgap measure until legacy implementations can be upgraded or reconfigured with another key type (such as ECDSA or Ed25519).
OpenSSH 9.8p1 includes a number of changes that may affect existing configurations:
* DSA keys, as specified in the SSH protocol, are inherently weak: they are limited to 160-bit private keys and the SHA-1 digest. The SSH implementation provided by the openssh-client and openssh-server packages has disabled support for DSA keys by default since OpenSSH 7.0p1 in 2015, released with Debian 9 ("stretch"), although it could still be enabled using the HostKeyAlgorithms and PubkeyAcceptedAlgorithms configuration options for host and user keys respectively.
The only remaining uses of DSA at this point should be connecting to some very old devices. For all other purposes, the other key types supported by OpenSSH (RSA, ECDSA, and Ed25519) are superior.
As of OpenSSH 9.8p1, DSA keys are no longer supported even with the above configuration options. If you have a device that you can only connect to using DSA, then you can use the ssh1 command provided by the openssh-client-ssh1 package to do so.
Samuel