[Nix-dev] SECURITY: default SSH host keys are weak

phreedom at yandex.ru phreedom at yandex.ru
Fri Aug 23 21:46:15 CEST 2013


> >>> I has been brought to our attention that the host keys created by the
> >>> default SSH daemon configuration are too weak.
> >> 
> >> Citation needed please.  According to who are DSA keys bad?  OpenSSH's
> >> own
> >> "make host-key" installs a DSA key (in addition to RSA and ECDSA keys).
> > 
> > Section 2.1: 1024bit keys should be phased out by 2010
> > http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_PART3_key-manag
> > ement_Dec2009.pdf
> > 
> > More recent revision 5.6.2: lists 1024bit DSA/RSA as weak:
> > http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_gene
> > ral.pdf
> That they deprecate generation of new 1024-bit DSA keys doesn't seem enough
> reason for us to print dire security warnings on the console.  That's really
> something you should discuss with upstream.  They're the crypto experts.

But upstream has been generating and prioritizing keys other than 1024bit DSA 
for some time already and it is NixOS implementation that forces DSA-only 
mode.


More information about the nix-dev mailing list