From 8909ff0e3cd07d1b042d1be1c8b8828dbf6c9a83 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:09:50 +0000 Subject: Reject vulnerable keys to mitigate Debian OpenSSL flaw In 2008, Debian (and derived distributions such as Ubuntu) shipped an OpenSSL package with a flawed random number generator, causing OpenSSH to generate only a very limited set of keys which were subject to private half precomputation. To mitigate this, this patch checks key authentications against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey program which can be used to explicitly check keys against that blacklist. See CVE-2008-0166. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469 Last-Update: 2013-09-14 Patch-Name: ssh-vulnkey.patch --- ssh_config.5 | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'ssh_config.5') diff --git a/ssh_config.5 b/ssh_config.5 index e72919a89..8d806c701 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -1229,6 +1229,23 @@ is not specified, it defaults to .Dq any . The default is .Dq any:any . +.It Cm UseBlacklistedKeys +Specifies whether +.Xr ssh 1 +should use keys recorded in its blacklist of known-compromised keys (see +.Xr ssh-vulnkey 1 ) +for authentication. +If +.Dq yes , +then attempts to use compromised keys for authentication will be logged but +accepted. +It is strongly recommended that this be used only to install new authorized +keys on the remote system, and even then only with the utmost care. +If +.Dq no , +then attempts to use compromised keys for authentication will be prevented. +The default is +.Dq no . .It Cm UsePrivilegedPort Specifies whether to use a privileged port for outgoing connections. The argument must be -- cgit v1.2.3