内容简介:OpenSSH, the most popular utility for connecting to and managing remote servers, has announced today plans to drop support for its SHA-1 authentication scheme.The OpenSSH team cited security concerns with the SHA-1 hashing algorithm, currently considered i
OpenSSH, the most popular utility for connecting to and managing remote servers, has announced today plans to drop support for its SHA-1 authentication scheme.
The OpenSSH team cited security concerns with the SHA-1 hashing algorithm, currently considered insecure.
The algorithm was broken in a practical, real-world attack in February 2017, when Google cryptographers disclosed SHAttered , a technique that could make two different files appear as they had the same SHA-1 file signature.
At the time, creating an SHA-1 collision was considered computationally expensive, and Google experts thought SHA-1 could still be used in practice for at least half a decade until the cost would go down.
However, subsequent research released in May 2019 and in January 2020, detailed an updated methodology to cut down the cost of an SHA-1 chosen-prefix collision attack tounder $110,000 and under $50,000 , respectively.
For advanced threat actors, such as nation-state and high-end cybercrime groups, $50,000 is a small price to pay if they could generate an SSH authentication key that grants them remote and undetected access to critical servers.
OpenSSH to disable "ssh-rsa" mode
"For this reason, we will be disabling the 'ssh-rsa' public key signature algorithm by default in a near-future release," OpenSSH developers said today.
The OpenSSH app uses the "ssh-rsa" mode to generate SSH authentication keys . One of these keys is stored on the server a user wants to log in, and the other is stored in the user's local OpenSSH client, allowing users to access servers without having to enter their passwords on every login, presenting the local authentication key instead.
By default, the OpenSSH ssh-rsa mode generates these keys by using the SHA-1 hashing function, meaning these keys are susceptible to SHAterred attacks, allowing threat actors to generate duplicate keys.
"This algorithm is unfortunately still used widely despite the existence of better alternatives, being the only remaining public key signature algorithm specified by the original SSH RFCs," OpenSSH devs said today.
The OpenSSH team is now asking server owners to check if their keys have been generated with the default ssh-rsa mode, and generate new ones using a different mode.
Recommended modes are rsa-sha2-256/512 (supported since OpenSSH 7.2), ssh-ed25519 (supported since OpenSSH 6.5) or ecdsa-sha2-nistp256/384/521 (supported since OpenSSH 5.7), the OpenSSH team said.
here's the best piece of the recent announcement. RIP & one minute silence to all embedded systems and appliances that will never see an upgrade for deprecating ssh-rsa SHA-1 based keys in OpenSSH. pic.twitter.com/zf5VewugC6
— Julio (@juliocesarfort) May 27, 2020The OpenSSH project will by disabling the ssh-rsa mode by default in a future (currently unspecified) release, however, before that, they also plan to enable the UpdateHostKeys feature by default, to allow server owners to easily and automatically migrate from the old ssh-rsa mode to better authentication algorithms.
Server owners who rely on OpenSSH to manage remote systems can find additional details on how to test their server for weak SHA-1-based keys in the OpenSSH 8.3 changelog .
In a previous release, in version 8.2, the OpenSSH team also added support for FIDO/U2F-based hardware security keys , which can also be used to log into remote servers in even a safer manner.
以上所述就是小编给大家介绍的《OpenSSH to deprecate SHA-1 logins due to security risk》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!
猜你喜欢:
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
