mailarchive of the ptxdist mailing list
From: Clemens Gruber <clemens.gruber@pqgruber.com>
To: ptxdist@pengutronix.de
Cc: Clemens Gruber <clemens.gruber@pqgruber.com>
Subject: [ptxdist] [PATCH v2 1/3] openssh: replace dsa with ed25519 host keys
Date: Sat, 20 Jun 2015 16:07:42 +0200
Message-ID: <1434809262-2681-1-git-send-email-clemens.gruber@pqgruber.com>

Changes from v1:
- Rebased after generic -> projectroot rename
- Better explanation in commit message

It is very likely that weak DSA keys are created on embedded
systems due to entropy problems.

I suggest replacing DSA with Ed25519 as second host signature scheme.
Ed25519 performs better, is not as vulnerable to weak random numbers
and the keys can be much smaller, e.g. 256-bit public keys.
DSA and ECDSA fall completely apart when the system has a bad random
number generator, Ed25519 does not.
It is also one of the few elliptic curve cryptography schemes without
magical parameters from NIST or NSA.

Security of 256-bit Ed25519 keys is comparable to 3000-bit RSA keys
and it is immune to most known side-channel / timing attacks.

As the RSA host key is still generated by default, I do not expect
backwards compatibility issues.
It leads to noticeably better performance and higher security, because
the default size of RSA keys is 2048-bit and only 1024-bit for DSA,
whereas Ed25519 is as secure as a 3000-bit RSA key.

For more details, here is the paper:
http://ed25519.cr.yp.to/ed25519-20110926.pdf

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>

---
 projectroot/etc/rc.once.d/openssh | 8 ++++----
 projectroot/etc/ssh/sshd_config   | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/projectroot/etc/rc.once.d/openssh b/projectroot/etc/rc.once.d/openssh
index 83e6e37..0a63433 100644
--- a/projectroot/etc/rc.once.d/openssh
+++ b/projectroot/etc/rc.once.d/openssh
@@ -3,12 +3,12 @@
 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 
 OPENSSH_RSAKEY_DEFAULT="/etc/ssh/ssh_host_rsa_key"
-OPENSSH_DSAKEY_DEFAULT="/etc/ssh/ssh_host_dsa_key"
+OPENSSH_ED25519KEY_DEFAULT="/etc/ssh/ssh_host_ed25519_key"
 
 test -n "$OPENSSH_RSAKEY" || \
 	OPENSSH_RSAKEY=$OPENSSH_RSAKEY_DEFAULT
-test -n "$OPENSSH_DSAKEY" || \
-	OPENSSH_DSAKEY=$OPENSSH_DSAKEY_DEFAULT
+test -n "$OPENSSH_ED25519KEY" || \
+	OPENSSH_ED25519KEY=$OPENSSH_ED25519KEY_DEFAULT
 
 gen_key() {
 
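Review bot: Dropping OPENSSH_DSAKEY and OPENSSH_DSAKEY_DEFAULT at the top of the script means a setup that sets OPENSSH_DSAKEY today gets its override ignored without any message; please mention the rename to OPENSSH_ED25519KEY in the commit message or changelog. Note also that the override only changes where the key is written: sshd_config in this same patch hard-codes "HostKey /etc/ssh/ssh_host_ed25519_key", so a non-default OPENSSH_ED25519KEY produces a key that sshd will not load unless the config is changed as well. A comment next to OPENSSH_ED25519KEY_DEFAULT saying the two paths must stay in sync would help.
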
@@ -29,5 +29,5 @@ gen_key() {
 }
 
 gen_key rsa "$OPENSSH_RSAKEY"
-gen_key dsa "$OPENSSH_DSAKEY"
+gen_key ed25519 "$OPENSSH_ED25519KEY"
 
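Review bot: The body of gen_key is not part of this hunk, so it is not visible whether the new call "gen_key ed25519 ..." ends up passing ssh-keygen options that only make sense for rsa or dsa (a key size, for example); please confirm it was run on a target. ssh-keygen accepts -t ed25519 only from OpenSSH 6.5 on, so the packaged openssh version should be checked or stated as a requirement. The commit message argues from weak random numbers: that argument covers signing, while this call still draws the private key itself from the RNG on first boot, so the entropy question for rc.once.d stays open for both the rsa and the ed25519 key.
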
diff --git a/projectroot/etc/ssh/sshd_config b/projectroot/etc/ssh/sshd_config
index 7cd7897..f529fc4 100644
--- a/projectroot/etc/ssh/sshd_config
+++ b/projectroot/etc/ssh/sshd_config
@@ -20,7 +20,7 @@ Protocol 2
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
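
Review bot: On targets where rc.once.d/openssh has already run, replacing the HostKey line leaves sshd pointing at /etc/ssh/ssh_host_ed25519_key, which does not exist there, and leaves the old /etc/ssh/ssh_host_dsa_key on disk unused. Please say in the commit message whether an update is expected to re-run the rc.once script, and whether the stale DSA key should be removed.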
-- 
2.4.4


-- 
ptxdist mailing list
ptxdist@pengutronix.de
