Page MenuHomeFreeBSD
Differential D48910

ssh: Disable DSA keys
ClosedPublic
Actions

Authored by emaste on Mon, Feb 10, 1:28 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Feb 17, 7:13 AM
Unknown Object (File)
Thu, Feb 13, 5:17 AM
Unknown Object (File)
Thu, Feb 13, 12:31 AM
Unknown Object (File)
Wed, Feb 12, 11:23 PM
Unknown Object (File)
Wed, Feb 12, 5:52 PM
Unknown Object (File)
Wed, Feb 12, 10:03 AM
Unknown Object (File)
Mon, Feb 10, 5:04 PM
Subscribers
imp
ziaee
releng
secteam

Details

Reviewers
des
jlduran
Commits
rG0b707d5fe8b6: ssh: Disable support for DSA keys
Summary

This is the upstream default -- from the 9.8p1 release notes:

Future deprecation notice

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025. This release disables DSA by default at compile time.

DSA, as specified in the SSHv2 protocol, is inherently weak - being
limited to a 160 bit private key and use of the SHA1 digest. Its
estimated security level is only 80 bits symmetric equivalent.

OpenSSH has disabled DSA keys by default since 2015 but has retained
run-time optional support for them. DSA was the only mandatory-to-
implement algorithm in the SSHv2 RFCs, mostly because alternative
algorithms were encumbered by patents when the SSHv2 protocol was
specified.

This has not been the case for decades at this point and better
algorithms are well supported by all actively-maintained SSH
implementations. We do not consider the costs of maintaining DSA
in OpenSSH to be justified and hope that removing it from OpenSSH
can accelerate its wider deprecation in supporting cryptography
libraries.

This release, and its deactivation of DSA by default at compile-time,
marks the second step in our timeline to finally deprecate DSA. The
final step of removing DSA support entirely is planned for the first
OpenSSH release of 2025.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste requested review of this revision.Mon, Feb 10, 1:28 PM
emaste created this revision.
emaste added a subscriber: secteam.
emaste added inline comments.Mon, Feb 10, 1:38 PM
crypto/openssh/config.h
1980–1981

This comment is somewhat confusing, but is what upstream's ./configure generates

emaste added subscribers: releng, ziaee.Mon, Feb 10, 3:32 PM

We'll want to make note of this (upcoming) change in the 13.5 release notes too.

jlduran accepted this revision.Mon, Feb 10, 4:37 PM
jlduran added inline comments.
crypto/openssh/config.h
1980–1981

Yes, comparing it with the artifacts (config.h) generated by the test matrix (from the "save config" step on GitHub).

This revision is now accepted and ready to land.Mon, Feb 10, 4:37 PM
ziaee added a comment.Mon, Feb 10, 5:39 PM

Thanks for inviting me! How's this: https://reviews.freebsd.org/D48912 ?

emaste added a child revision: D48914: ssh: update to 9.8p1 (build infrastructure).Mon, Feb 10, 8:23 PM
Closed by commit rG0b707d5fe8b6: ssh: Disable support for DSA keys (authored by emaste). · Explain WhyMon, Feb 10, 8:55 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG0b707d5fe8b6: ssh: Disable support for DSA keys.
Herald added a subscriber: imp. · View Herald TranscriptMon, Feb 10, 8:55 PM

Revision Contents
Changeset List

PathSize
crypto/
openssh/
4 lines

Diff 150795

View Options

crypto/openssh/config.h

Loading...