On Sun, Jan 26, 2025 at 06:09:25PM +0000, Colin Watson wrote:
> On Sun, Jan 26, 2025 at 07:53:26PM +0200, Martin-Éric Racine wrote:
> > I have noticed this as well e.g. whenever Debian ships a new
> > openssh-server package, I've had to manually run the command shown on
> > the hardening guide to remove modulus below 3272-bit all over again.
>
> That's about DH moduli rather than host key sizes, right? That feels
> somewhat different, because we just ship upstream's moduli file as a
> conffile, so providing any debconf-style control over that would be very
> difficult to do in a policy-compliant way. (I'm also not sure what the
> compatibility implications are of dropping the smaller primes; I assume
> there must be some or upstream would probably have done it already ...)
Also, in https://bugzilla.mindrot.org/show_bug.cgi?id=2793#c1, Damien
Miller wrote:

  ... I don't think making people edit the moduli file is a great way to
  control which groups are negotiated. IMO a general MinimumDHSize option
  would probably be a better way to achieve this.

I tend to agree, so I think any effort in the direction of giving people
packaged ways to filter the moduli file (or whatever) would be better
directed towards adding something like MinimumDHSize upstream. Then that
ssh-audit recommendation could just become adding a single line to
/etc/ssh/sshd_config.d/ssh-audit_hardening.conf.

-- 
Colin Watson (he/him)                              [cjwat...@debian.org]
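The moduli-file filtering the thread discusses, as an added example that is not part of the thread, OpenSSH or the Debian package: it parses the seven-field moduli(5) format, checks that each line's size field agrees with its modulus, and keeps only groups of at least a chosen bit length. It assumes the convention seen in shipped files that the size field is one less than the nominal group size (2047 for the 2048-bit groups), so a 3072-bit floor means size >= 3071; the sample entries are constructed, not real primes.

```python
"""Filter an OpenSSH moduli(5) file to groups of at least a minimum size."""
from dataclasses import dataclass


@dataclass
class ModuliEntry:
    # Field order in moduli(5): time type tests trials size generator modulus
    time: str
    type: int
    tests: int
    trials: int
    size: int        # assumed to be (group bits - 1), e.g. 3071 for 3072-bit
    generator: int
    modulus: int     # stored in the file as hex


def parse_moduli(text: str) -> list[ModuliEntry]:
    """Parse moduli(5) text, skipping blank lines and '#' comments."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        f = line.split()
        if len(f) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(f)}")
        e = ModuliEntry(f[0], int(f[1]), int(f[2]), int(f[3]),
                        int(f[4]), int(f[5]), int(f[6], 16))
        # Reject lines whose declared size does not match the actual modulus.
        if e.modulus.bit_length() - 1 != e.size:
            raise ValueError(f"line {lineno}: size {e.size} does not match modulus")
        entries.append(e)
    return entries


def filter_moduli(entries: list[ModuliEntry], min_bits: int) -> list[ModuliEntry]:
    """Keep only groups of at least min_bits (size field is bits - 1)."""
    return [e for e in entries if e.size >= min_bits - 1]


def to_moduli_line(e: ModuliEntry) -> str:
    """Serialise an entry back into moduli(5) line format."""
    return f"{e.time} {e.type} {e.tests} {e.trials} {e.size} {e.generator} {e.modulus:X}"


def _constructed_line(size: int) -> str:
    # Constructed stand-in: a (size+1)-bit odd number, NOT a real safe prime.
    return f"20250126000000 2 6 100 {size} 2 {(1 << size) | 1:X}"


SAMPLE_MODULI = "\n".join(["# constructed sample, not a real /etc/ssh/moduli"]
                          + [_constructed_line(s) for s in (2047, 3071, 4095, 8191)])

if __name__ == "__main__":
    for e in filter_moduli(parse_moduli(SAMPLE_MODULI), 3072):
        print(to_moduli_line(e)[:60], "...")
```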