Bonjour,
David Ponzone, le mar. 03 sept. 2024 14:13:11 +0200, a ecrit:
> Est-ce quelqu’un a remarqué qu’une mise à jour récente d’OpenSSH sur Debian
> 12 (durant les 2/3 derniers mois) a littéralement torpillé les connexions
> depuis des vieux SSH (Debian 4, oui je sais, mais on fait pas toujours ce
> qu’on veut sur du legacy) et a torpillé les connexions avec auth par pubkey
> depuis Debian8 ?
Oui, c'est documenté dans le fichier
/usr/share/doc/openssh-client/NEWS.Debian.gz
OpenSSH 8.8 includes a number of changes that may affect existing
configurations:
* This release disables RSA signatures using the SHA-1 hash algorithm by
default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K.
For most users, this change should be invisible and there is no need to
replace ssh-rsa keys. OpenSSH has supported RFC8332 RSA/SHA-256/512
signatures since release 7.2 and existing ssh-rsa keys will
automatically use the stronger algorithm where possible.
Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
options. For example, the following stanza in ~/.ssh/config will enable
RSA/SHA1 for host and user authentication for a single destination
host:
Host old-host
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
implementations can be upgraded or reconfigured with another key type
(such as ECDSA or Ed25519).
OpenSSH 9.8p1 includes a number of changes that may affect existing
configurations:
* DSA keys, as specified in the SSH protocol, are inherently weak: they
are limited to 160-bit private keys and the SHA-1 digest. The SSH
implementation provided by the openssh-client and openssh-server
packages has disabled support for DSA keys by default since OpenSSH
7.0p1 in 2015, released with Debian 9 ("stretch"), although it could
still be enabled using the HostKeyAlgorithms and
PubkeyAcceptedAlgorithms configuration options for host and user keys
respectively.
The only remaining uses of DSA at this point should be connecting to
some very old devices. For all other purposes, the other key types
supported by OpenSSH (RSA, ECDSA, and Ed25519) are superior.
As of OpenSSH 9.8p1, DSA keys are no longer supported even with the
above configuration options. If you have a device that you can only
connect to using DSA, then you can use the ssh1 command provided by the
openssh-client-ssh1 package to do so.
Samuel
_______________________________________________
Liste de diffusion du %(real_name)s
http://www.frsag.org/
