enable more secure SSH algorithms and ciphers for dropbear #223

Closed
jbacksch opened this Issue Oct 28, 2014 · 7 comments

jbacksch commented Oct 28, 2014

Please enable more secure SSH algorithms and ciphers hmac-sha2-256 and hmac-sha2-512 for dropbear, recommended by BetterCrypto p.19 https://bettercrypto.org/static/applied-crypto-hardening.pdf.

A patch is available for OpenWrt at http://patchwork.openwrt.org/patch/6322/.

tcatm commented Oct 28, 2014

This is not critical as SSH is not used on Gluon by default. If OpenWrt decides to merge those patches, they'll make it into Gluon eventually.

NeoRaider (Member) commented Oct 28, 2014

I don't think @tcatm's argument is valid, as many people use SSH with Gluon. We do so ourselves and we recommend others to do so.

The more interesting question is if the patch is important enough to include it even though OpenWrt hasn't so far. In my opinion it isn't, as HMAC-SHA1 is much stronger than SHA1 itself. Even HMAC-MD5 is considered quite secure despite MD5's weaknesses; with HMAC-SHA1 we'll be fine for many years.

So I agree with @tcatm's opinion to wait until these patches make it into OpenWrt.

tcatm added the wontfix label Mar 3, 2015

tcatm closed this Mar 3, 2015

tcatm removed the wontfix label Mar 3, 2015

rotanid (Member) commented May 11, 2016

Time has passed, but the dropbear in current Gluon versions still doesn't support modern cryptography?
Also, this doesn't affect only MAC but also KeyExchange; curve25519 or sha256 aren't supported there, either...

NeoRaider (Member) commented May 11, 2016

OpenWrt has enabled curve25519-sha256 by default since January, so I think we should backport that change now.

NeoRaider reopened this May 11, 2016

rotanid added the enhancement label Aug 22, 2016

NeoRaider added this to the 2016.2 milestone Aug 22, 2016

NeoRaider self-assigned this Aug 22, 2016

NeoRaider closed this in b00c1a3 Aug 22, 2016

NeoRaider (Member) commented Aug 22, 2016

curve25519-sha256 support is backported now.

christf added a commit to freifunk-ffm/gluon that referenced this issue Sep 8, 2016

dropbear: update to LEDE 277f85c21ae0ede4e15e66cbd801b9fb502531df
Includes a few security updates and enables Curve25519 support.

Fixes #223

nomaster commented Sep 28, 2016

I have just tried to use my ssh-ed25519 key, but I was unable to log in. Is it supported?

NeoRaider (Member) commented Sep 28, 2016

@nomaster: no, ed25519 is not supported at all by the current dropbear version 2016.74, I don't know if it is in development. Also, we use the default dropbear config from LEDE, which disables ECDSA using the NIST curves to save space.

curve25519-sha256 is supported as a key exchange method, but that's as far as ECC support goes at the moment.
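
The questions in this thread (SHA-2 MACs, curve25519 key exchange, ed25519 host keys) can be answered for any SSH server from the algorithm lists in its SSH_MSG_KEXINIT message. The following is an added example, not part of the thread and not Gluon or dropbear code; the function names and the sample offer are constructed for illustration and were not captured from a real device.

```python
import struct

# The ten name-list fields of SSH_MSG_KEXINIT, in wire order (RFC 4253, 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def parse_kexinit(payload: bytes) -> dict:
    """Parse a KEXINIT payload (binary packet framing already removed)."""
    if len(payload) < 17 or payload[0] != 20:    # 20 = SSH_MSG_KEXINIT
        raise ValueError("not a KEXINIT payload")
    pos, offer = 17, {}                          # skip type byte + 16-byte cookie
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated KEXINIT")
        (n,) = struct.unpack_from(">I", payload, pos)
        if pos + 4 + n > len(payload):
            raise ValueError("truncated KEXINIT")
        raw = payload[pos + 4:pos + 4 + n].decode("ascii")
        offer[field] = raw.split(",") if raw else []
        pos += 4 + n
    return offer

def audit(offer: dict) -> dict:
    """Answer the questions raised in the thread for one server offer."""
    macs = set(offer["mac_c2s"]) | set(offer["mac_s2c"])
    return {
        "sha2_mac": bool(macs & {"hmac-sha2-256", "hmac-sha2-512"}),
        "legacy_macs": sorted(macs & {"hmac-sha1", "hmac-md5"}),
        "curve25519_kex": any(k.startswith("curve25519-sha256") for k in offer["kex"]),
        "ed25519_host_key": "ssh-ed25519" in offer["host_key"],
    }

def build_kexinit(lists) -> bytes:
    """Build a KEXINIT payload with a zero cookie (demo input only)."""
    body = bytes([20]) + bytes(16)
    for names in lists:
        data = ",".join(names).encode("ascii")
        body += struct.pack(">I", len(data)) + data
    return body + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

# Constructed sample offer, not captured from a real device.
SAMPLE = build_kexinit([
    ["curve25519-sha256@libssh.org", "diffie-hellman-group14-sha1"], ["ssh-rsa"],
    ["aes128-ctr", "aes256-ctr"], ["aes128-ctr", "aes256-ctr"],
    ["hmac-sha1", "hmac-sha2-256"], ["hmac-sha1", "hmac-sha2-256"],
    ["none"], ["none"], [], [],
])

if __name__ == "__main__":
    print(audit(parse_kexinit(SAMPLE)))
```

On a live connection the payload is the first binary packet the server sends after the version string exchange, with the packet length, padding length and padding stripped.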

ecsv pushed a commit to FreifunkVogtland/gluon that referenced this issue Jun 9, 2017

dropbear: update to LEDE 277f85c21ae0ede4e15e66cbd801b9fb502531df
Includes a few security updates and enables Curve25519 support.

Fixes #223