Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/ssh: Make SetDefaults disable diffie-hellman-group1-sha1 #12955

Open
jeffallen opened this Issue Oct 16, 2015 · 3 comments

Comments

Projects
None yet
4 participants
@jeffallen
Copy link
Contributor

jeffallen commented Oct 16, 2015

https://weakdh.org/sysadmin.html recommends that users of OpenSSH who want to continue to support non-elliptic-curve Diffie-Hellman should disable Group 1 support, by removing the diffie-hellman-group1-sha1 Key Exchange.

I think it would be in keeping with Go's normal forward looking and strong security posture that SetDefault does not include kexAlgoDH1SHA1 in Config.KeyExchanges. The docs could be updated to indicate that users wishing to enable this deprecated key exchange algorithm should add it at the end of Config.KeyExchanges themselves after calling SetDefaults.

@hanwen

This comment has been minimized.

Copy link
Contributor

hanwen commented Oct 18, 2015

Would this really fix anything, practically speaking? Group1 is already the least preferred kex anyway.

Do you have any data on which implementations don't support anything but group1? Are there any clients which prefer group1 over the stronger kexes?

@jeffallen

This comment has been minimized.

Copy link
Contributor Author

jeffallen commented Oct 19, 2015

It's a question of defensive security posture. In a perfect world, clients would protect themselves by insisting on something other than group1, but we don't live in a perfect world.

In my opinion, Go's defaults should be defensive, and we now suspect that group1 is unusable for secure communication, so it has to be removed from the defaults.

@rsc rsc added this to the Unreleased milestone Oct 23, 2015

@gopherbot

This comment has been minimized.

Copy link

gopherbot commented Jul 12, 2018

Change https://golang.org/cl/123595 mentions this issue: ssh: drop dh-group1-sha1 from default key exchanges

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.