diff options
author | Colin Watson <cjwatson@ubuntu.com> | 2014-02-09 16:09:50 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-02-09 16:17:31 +0000 |
commit | 8909ff0e3cd07d1b042d1be1c8b8828dbf6c9a83 (patch) | |
tree | ebee4092f1411059e34da6f66b4ebd64f4411020 /readconf.c | |
parent | 07f2a771c490bd68cd5c5ea9c535705e93bd94f3 (diff) |
Reject vulnerable keys to mitigate Debian OpenSSL flaw
In 2008, Debian (and derived distributions such as Ubuntu) shipped an
OpenSSL package with a flawed random number generator, causing OpenSSH to
generate only a very limited set of keys which were subject to private half
precomputation. To mitigate this, this patch checks key authentications
against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey
program which can be used to explicitly check keys against that blacklist.
See CVE-2008-0166.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Last-Update: 2013-09-14
Patch-Name: ssh-vulnkey.patch
Diffstat (limited to 'readconf.c')
-rw-r--r-- | readconf.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/readconf.c b/readconf.c index 2695fd6c0..22e5a3a61 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -128,6 +128,7 @@ typedef enum { | |||
128 | oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, | 128 | oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, |
129 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, | 129 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, |
130 | oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, | 130 | oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, |
131 | oUseBlacklistedKeys, | ||
131 | oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, | 132 | oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, |
132 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, | 133 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
133 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, | 134 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
@@ -161,6 +162,7 @@ static struct { | |||
161 | { "passwordauthentication", oPasswordAuthentication }, | 162 | { "passwordauthentication", oPasswordAuthentication }, |
162 | { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, | 163 | { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, |
163 | { "kbdinteractivedevices", oKbdInteractiveDevices }, | 164 | { "kbdinteractivedevices", oKbdInteractiveDevices }, |
165 | { "useblacklistedkeys", oUseBlacklistedKeys }, | ||
164 | { "rsaauthentication", oRSAAuthentication }, | 166 | { "rsaauthentication", oRSAAuthentication }, |
165 | { "pubkeyauthentication", oPubkeyAuthentication }, | 167 | { "pubkeyauthentication", oPubkeyAuthentication }, |
166 | { "dsaauthentication", oPubkeyAuthentication }, /* alias */ | 168 | { "dsaauthentication", oPubkeyAuthentication }, /* alias */ |
@@ -523,6 +525,10 @@ parse_flag: | |||
523 | intptr = &options->challenge_response_authentication; | 525 | intptr = &options->challenge_response_authentication; |
524 | goto parse_flag; | 526 | goto parse_flag; |
525 | 527 | ||
528 | case oUseBlacklistedKeys: | ||
529 | intptr = &options->use_blacklisted_keys; | ||
530 | goto parse_flag; | ||
531 | |||
526 | case oGssAuthentication: | 532 | case oGssAuthentication: |
527 | intptr = &options->gss_authentication; | 533 | intptr = &options->gss_authentication; |
528 | goto parse_flag; | 534 | goto parse_flag; |
@@ -1210,6 +1216,7 @@ initialize_options(Options * options) | |||
1210 | options->kbd_interactive_devices = NULL; | 1216 | options->kbd_interactive_devices = NULL; |
1211 | options->rhosts_rsa_authentication = -1; | 1217 | options->rhosts_rsa_authentication = -1; |
1212 | options->hostbased_authentication = -1; | 1218 | options->hostbased_authentication = -1; |
1219 | options->use_blacklisted_keys = -1; | ||
1213 | options->batch_mode = -1; | 1220 | options->batch_mode = -1; |
1214 | options->check_host_ip = -1; | 1221 | options->check_host_ip = -1; |
1215 | options->strict_host_key_checking = -1; | 1222 | options->strict_host_key_checking = -1; |
@@ -1320,6 +1327,8 @@ fill_default_options(Options * options) | |||
1320 | options->rhosts_rsa_authentication = 0; | 1327 | options->rhosts_rsa_authentication = 0; |
1321 | if (options->hostbased_authentication == -1) | 1328 | if (options->hostbased_authentication == -1) |
1322 | options->hostbased_authentication = 0; | 1329 | options->hostbased_authentication = 0; |
1330 | if (options->use_blacklisted_keys == -1) | ||
1331 | options->use_blacklisted_keys = 0; | ||
1323 | if (options->batch_mode == -1) | 1332 | if (options->batch_mode == -1) |
1324 | options->batch_mode = 0; | 1333 | options->batch_mode = 0; |
1325 | if (options->check_host_ip == -1) | 1334 | if (options->check_host_ip == -1) |