Bonjour,

David Ponzone, le mar. 03 sept. 2024 14:13:11 +0200, a ecrit:
> Est-ce quelqu’un a remarqué qu’une mise à jour récente d’OpenSSH sur Debian 
> 12 (durant les 2/3 derniers mois) a littéralement torpillé les connexions 
> depuis des vieux SSH (Debian 4, oui je sais, mais on fait pas toujours ce 
> qu’on veut sur du legacy) et a torpillé les connexions avec auth par pubkey 
> depuis Debian8 ?

Oui, c'est documenté dans le fichier
/usr/share/doc/openssh-client/NEWS.Debian.gz

  OpenSSH 8.8 includes a number of changes that may affect existing
  configurations:

   * This release disables RSA signatures using the SHA-1 hash algorithm by
     default. This change has been made as the SHA-1 hash algorithm is
     cryptographically broken, and it is possible to create chosen-prefix
     hash collisions for <USD$50K.

     For most users, this change should be invisible and there is no need to
     replace ssh-rsa keys. OpenSSH has supported RFC8332 RSA/SHA-256/512
     signatures since release 7.2 and existing ssh-rsa keys will
     automatically use the stronger algorithm where possible.

     Incompatibility is more likely when connecting to older SSH
     implementations that have not been upgraded or have not closely tracked
     improvements in the SSH protocol. For these cases, it may be necessary
     to selectively re-enable RSA/SHA1 to allow connection and/or user
     authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
     options. For example, the following stanza in ~/.ssh/config will enable
     RSA/SHA1 for host and user authentication for a single destination
     host:

         Host old-host
             HostkeyAlgorithms +ssh-rsa
             PubkeyAcceptedAlgorithms +ssh-rsa

     We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
     implementations can be upgraded or reconfigured with another key type
     (such as ECDSA or Ed25519).

  OpenSSH 9.8p1 includes a number of changes that may affect existing
  configurations:

   * DSA keys, as specified in the SSH protocol, are inherently weak: they
     are limited to 160-bit private keys and the SHA-1 digest.  The SSH
     implementation provided by the openssh-client and openssh-server
     packages has disabled support for DSA keys by default since OpenSSH
     7.0p1 in 2015, released with Debian 9 ("stretch"), although it could
     still be enabled using the HostKeyAlgorithms and
     PubkeyAcceptedAlgorithms configuration options for host and user keys
     respectively.

     The only remaining uses of DSA at this point should be connecting to
     some very old devices.  For all other purposes, the other key types
     supported by OpenSSH (RSA, ECDSA, and Ed25519) are superior.

     As of OpenSSH 9.8p1, DSA keys are no longer supported even with the
     above configuration options.  If you have a device that you can only
     connect to using DSA, then you can use the ssh1 command provided by the
     openssh-client-ssh1 package to do so.

Samuel
_______________________________________________
Liste de diffusion du %(real_name)s
http://www.frsag.org/

Répondre à