sshd appears to be broken when both host rsa and dsa key file present
Vincent Stemen
vince.dragonfly at hightek.org
Mon Jan 26 06:47:03 PST 2009
On Sun, Jan 25, 2009 at 11:21:53PM -0800, Matthew Dillon wrote:
>
> :> Seems like the import of openssh-5.1 reverted the order of the default
> :> hostkey algorithm proposal, which has been part of FreeBSD-local
> :> preferences for many years:
> :> diff --git a/crypto/openssh-5/myproposal.h b/crypto/openssh-5/myproposal.h
> :> index 8bdad7b..87a9e58 100644
> :> --- a/crypto/openssh-5/myproposal.h
> :> +++ b/crypto/openssh-5/myproposal.h
> :> @@ -40,7 +40,7 @@
> :> "diffie-hellman-group1-sha1"
> :> #endif
> :>
> :> -#define KEX_DEFAULT_PK_ALG "ssh-dss,ssh-rsa"
> :> +#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
> :> #define KEX_DEFAULT_ENCRYPT \
> :..
> :> HostKeyAlgorithms ssh-dsa,ssh-rsa
> :
> :This should read:
> :
> : HostKeyAlgorithms ssh-dss,ssh-rsa
> :
> :(-dss, not -dsa).
> :--
> :| Jeremy Chadwick jdc at parodius.com |
>
> That looks like a client-side solution, though, which doesn't
> help fix the server-side defaults.
>
> Does changing KEX_DEFAULT_PK_ALG fix it on the server side? If
> so I think we may need to re-apply the local change.
>
> -Matt
> Matthew Dillon
> <dillon at backplane.com>
Would there really be any reason to change it back. I assume they changed RSA
to being the default is because the patent is expired. Also, according to my
notes,
RSA is preferable in most cases, since DSA is slower
and cannot encrypt in and of itself (DSA is a signing
algorithm only). RSA can be used to encrypt files.
More information about the Bugs
mailing list