From d7f8bf3e6d120d2dfbe4cb3a72e57ea1e7be5289 Mon Sep 17 00:00:00 2001 From: Joe Testa Date: Tue, 19 Mar 2024 18:24:22 -0400 Subject: [PATCH] Updated notes on OpenSSH default key exchanges. (#258) --- src/ssh_audit/ssh2_kexdb.py | 7 ++++--- test/docker/expected_results/dropbear_2019.78_test1.json | 4 ++-- test/docker/expected_results/dropbear_2019.78_test1.txt | 4 ++-- test/docker/expected_results/openssh_8.0p1_test1.json | 4 ++-- test/docker/expected_results/openssh_8.0p1_test1.txt | 4 ++-- test/docker/expected_results/openssh_8.0p1_test2.json | 4 ++-- test/docker/expected_results/openssh_8.0p1_test2.txt | 4 ++-- test/docker/expected_results/openssh_8.0p1_test3.json | 4 ++-- test/docker/expected_results/openssh_8.0p1_test3.txt | 4 ++-- test/docker/expected_results/tinyssh_20190101_test1.json | 4 ++-- test/docker/expected_results/tinyssh_20190101_test1.txt | 4 ++-- 11 files changed, 24 insertions(+), 23 deletions(-) diff --git a/src/ssh_audit/ssh2_kexdb.py b/src/ssh_audit/ssh2_kexdb.py index f1ec908..4d18bf0 100644 --- a/src/ssh_audit/ssh2_kexdb.py +++ b/src/ssh_audit/ssh2_kexdb.py @@ -62,7 +62,8 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods WARN_TAG_SIZE_96 = 'using small 96-bit tag size' INFO_DEFAULT_OPENSSH_CIPHER = 'default cipher since OpenSSH 6.9' - INFO_DEFAULT_OPENSSH_KEX_64_TO_89 = 'default key exchange from OpenSSH 6.4 to 8.9' + INFO_DEFAULT_OPENSSH_KEX_65_TO_73 = 'default key exchange from OpenSSH 6.5 to 7.3' + INFO_DEFAULT_OPENSSH_KEX_74_TO_89 = 'default key exchange from OpenSSH 7.4 to 8.9' INFO_DEFAULT_OPENSSH_KEX_90 = 'default key exchange since OpenSSH 9.0' INFO_DEPRECATED_IN_OPENSSH88 = 'deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8' INFO_DISABLED_IN_DBEAR67 = 'disabled in Dropbear SSH 2015.67' @@ -82,8 +83,8 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods # Format: 'algorithm_name': [['version_first_appeared_in'], [reason_for_failure1, reason_for_failure2, ...], [warning1, warning2, ...], [info1, info2, ...]] 'kex': { 'Curve25519SHA256': [[]], - 'curve25519-sha256': [['7.4,d2018.76'], [], [], [INFO_DEFAULT_OPENSSH_KEX_64_TO_89]], - 'curve25519-sha256@libssh.org': [['6.4,d2013.62,l10.6.0'], [], [], [INFO_DEFAULT_OPENSSH_KEX_64_TO_89]], + 'curve25519-sha256': [['7.4,d2018.76'], [], [], [INFO_DEFAULT_OPENSSH_KEX_74_TO_89]], + 'curve25519-sha256@libssh.org': [['6.4,d2013.62,l10.6.0'], [], [], [INFO_DEFAULT_OPENSSH_KEX_65_TO_73]], 'curve448-sha512': [[]], 'curve448-sha512@libssh.org': [[]], 'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [FAIL_SHA1], [WARN_2048BIT_MODULUS]], diff --git a/test/docker/expected_results/dropbear_2019.78_test1.json b/test/docker/expected_results/dropbear_2019.78_test1.json index 04d410a..c8a6650 100644 --- a/test/docker/expected_results/dropbear_2019.78_test1.json +++ b/test/docker/expected_results/dropbear_2019.78_test1.json @@ -96,7 +96,7 @@ "algorithm": "curve25519-sha256", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 7.4 to 8.9", "available since OpenSSH 7.4, Dropbear SSH 2018.76" ] } @@ -105,7 +105,7 @@ "algorithm": "curve25519-sha256@libssh.org", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 6.5 to 7.3", "available since OpenSSH 6.4, Dropbear SSH 2013.62" ] } diff --git a/test/docker/expected_results/dropbear_2019.78_test1.txt b/test/docker/expected_results/dropbear_2019.78_test1.txt index c01a568..d735dfb 100644 --- a/test/docker/expected_results/dropbear_2019.78_test1.txt +++ b/test/docker/expected_results/dropbear_2019.78_test1.txt @@ -6,9 +6,9 @@ # key exchange algorithms (kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 (kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 (kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency diff --git a/test/docker/expected_results/openssh_8.0p1_test1.json b/test/docker/expected_results/openssh_8.0p1_test1.json index 7f627df..af08c5b 100644 --- a/test/docker/expected_results/openssh_8.0p1_test1.json +++ b/test/docker/expected_results/openssh_8.0p1_test1.json @@ -115,7 +115,7 @@ "algorithm": "curve25519-sha256", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 7.4 to 8.9", "available since OpenSSH 7.4, Dropbear SSH 2018.76" ] } @@ -124,7 +124,7 @@ "algorithm": "curve25519-sha256@libssh.org", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 6.5 to 7.3", "available since OpenSSH 6.4, Dropbear SSH 2013.62" ] } diff --git a/test/docker/expected_results/openssh_8.0p1_test1.txt b/test/docker/expected_results/openssh_8.0p1_test1.txt index 272d3e0..15cdad7 100644 --- a/test/docker/expected_results/openssh_8.0p1_test1.txt +++ b/test/docker/expected_results/openssh_8.0p1_test1.txt @@ -12,9 +12,9 @@ # key exchange algorithms (kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 (kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 (kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency diff --git a/test/docker/expected_results/openssh_8.0p1_test2.json b/test/docker/expected_results/openssh_8.0p1_test2.json index 3101f46..1263a8d 100644 --- a/test/docker/expected_results/openssh_8.0p1_test2.json +++ b/test/docker/expected_results/openssh_8.0p1_test2.json @@ -105,7 +105,7 @@ "algorithm": "curve25519-sha256", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 7.4 to 8.9", "available since OpenSSH 7.4, Dropbear SSH 2018.76" ] } @@ -114,7 +114,7 @@ "algorithm": "curve25519-sha256@libssh.org", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 6.5 to 7.3", "available since OpenSSH 6.4, Dropbear SSH 2013.62" ] } diff --git a/test/docker/expected_results/openssh_8.0p1_test2.txt b/test/docker/expected_results/openssh_8.0p1_test2.txt index d2059d2..08caf4a 100644 --- a/test/docker/expected_results/openssh_8.0p1_test2.txt +++ b/test/docker/expected_results/openssh_8.0p1_test2.txt @@ -12,9 +12,9 @@ # key exchange algorithms (kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 (kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62 (kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency diff --git a/test/docker/expected_results/openssh_8.0p1_test3.json b/test/docker/expected_results/openssh_8.0p1_test3.json index 04fb66d..6e96ae2 100644 --- a/test/docker/expected_results/openssh_8.0p1_test3.json +++ b/test/docker/expected_results/openssh_8.0p1_test3.json @@ -105,7 +105,7 @@ "algorithm": "curve25519-sha256", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 7.4 to 8.9", "available since OpenSSH 7.4, Dropbear SSH 2018.76" ] } @@ -114,7 +114,7 @@ "algorithm": "curve25519-sha256@libssh.org", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 6.5 to 7.3", "available since OpenSSH 6.4, Dropbear SSH 2013.62" ] } diff --git a/test/docker/expected_results/openssh_8.0p1_test3.txt b/test/docker/expected_results/openssh_8.0p1_test3.txt index 7ab90f7..62d5dd4 100644 --- a/test/docker/expected_results/openssh_8.0p1_test3.txt +++ b/test/docker/expected_results/openssh_8.0p1_test3.txt @@ -12,9 +12,9 @@ # key exchange algorithms (kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 (kex) diffie-hellman-group-exchange-sha256 (4096-bit) -- [info] available since OpenSSH 4.4  `- [info] OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 4096. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477). diff --git a/test/docker/expected_results/tinyssh_20190101_test1.json b/test/docker/expected_results/tinyssh_20190101_test1.json index 52bb5d8..4b54a86 100644 --- a/test/docker/expected_results/tinyssh_20190101_test1.json +++ b/test/docker/expected_results/tinyssh_20190101_test1.json @@ -43,7 +43,7 @@ "algorithm": "curve25519-sha256", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 7.4 to 8.9", "available since OpenSSH 7.4, Dropbear SSH 2018.76" ] } @@ -52,7 +52,7 @@ "algorithm": "curve25519-sha256@libssh.org", "notes": { "info": [ - "default key exchange from OpenSSH 6.4 to 8.9", + "default key exchange from OpenSSH 6.5 to 7.3", "available since OpenSSH 6.4, Dropbear SSH 2013.62" ] } diff --git a/test/docker/expected_results/tinyssh_20190101_test1.txt b/test/docker/expected_results/tinyssh_20190101_test1.txt index 7137eb6..2dcc036 100644 --- a/test/docker/expected_results/tinyssh_20190101_test1.txt +++ b/test/docker/expected_results/tinyssh_20190101_test1.txt @@ -5,9 +5,9 @@ # key exchange algorithms (kex) curve25519-sha256 -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 7.4 to 8.9 (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62 - `- [info] default key exchange from OpenSSH 6.4 to 8.9 + `- [info] default key exchange from OpenSSH 6.5 to 7.3 (kex) sntrup4591761x25519-sha512@tinyssh.org -- [warn] using experimental algorithm `- [info] available since OpenSSH 8.0 `- [info] the sntrup4591761 algorithm was withdrawn, as it may not provide strong post-quantum security