IETF-SSH archive
Re: Fixing exchange of host keys in the SSH key exchange
>> As far as I can see, this affects the user only in that "pick up the
>> host key on first connect" no longer works.
> It breaks TOFU.
Yes. As denis recently said, that's the major point of it: some -
probably a minority, but so what? - server admins _want_ to break TOFU,
to ensure that their users are doing more secure key handling.
Another possibility is that users _do_ use TOFU, but are allowed to
only over secure-enough networks. This allows configurations like
"You're coming from the office LAN, you can TOFU - but when you come in
over the open Internet, you have to already have the host key", by
providing a mechanism to enforce the second half of it.
> Since this is how the vast majority of all users use SSH [...], it
> means it would break SSH for them. Conversely, it means the vast
> majority won't use it.
Which is fine. Having it available does not mean it should be the
default.
>> Then this suggestion has the additional feature that it will smoke
>> out such bugs!
> Trying to smoke out non-standards-compliant implementations at this
> point, about twenty-odd after SSH2 started getting deployed, is
> probably a bit late in the game.
Probably. But better late than never. Though, as remarked upthread,
it's not clear that breaking on pre-ID text in the client-to-server
direction _is_ a bug.
> Also, does this mean any implementation that doesn't correctly
> implement a MUST or MUST NOT can be regarded as broken and discarded?
Ideally. But that's true of any spec.
Those ssh implementations I mentioned upthread that crashed upon seeing
string@domain extensions? We didn't discard them; we worked around
them. I would have preferred to replace them, but that was not
practical at the time (this years ago was at work and they were
embedded servers on, IIRC, network switches - I hope we filed bug
reports with the vendor(s) in question, but I'm not sure of even that
much).
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse%rodents-montreal.org@localhost
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
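The policy sketched above ("TOFU from the office LAN, but a pre-installed host key is required from the open Internet") can be expressed as a small client-side decision function. The following is an added illustration, not code from this thread or from any SSH implementation; the known_hosts contents, the host names, the key strings and the trusted network ranges are all constructed placeholders.

```python
import ipaddress

# Constructed sample known_hosts (placeholder keys, not real host keys).
# Formats shown: plain host list, non-default port ([host]:port), and a
# hashed (|1|salt|hash) entry as written by "HashKnownHosts yes".
KNOWN_HOSTS = """\
# constructed known_hosts for the example
bastion.example.net,192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEY0000000000000000000000
[git.example.net]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQPLACEHOLDERRSAKEY
|1|c2FsdHNhbHRzYWx0c2FsdHNhbHQ=|aGFzaGhhc2hoYXNoaGFzaGhhc2g= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHASHEDENTRY
"""

# Assumed "secure enough" source networks from which first-connect (TOFU) is tolerated.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                ipaddress.ip_network("192.168.0.0/16")]


def parse_known_hosts(text):
    """Map each plain host pattern to its (keytype, key).

    Hashed entries (|1|...) are skipped: matching them needs the HMAC-SHA1
    check with the stored salt, which this example leaves out.
    """
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) < 3:
            continue  # malformed line; a real client would warn here
        hosts, keytype, key = parts[0], parts[1], parts[2]
        if hosts.startswith("|1|"):
            continue
        for h in hosts.split(","):
            entries[h] = (keytype, key)
    return entries


def host_pattern(host, port=22):
    # known_hosts writes non-default ports as [host]:port
    return host if port == 22 else f"[{host}]:{port}"


def tofu_allowed(source_ip):
    """True if the client's own address lies in a trusted network."""
    ip = ipaddress.ip_address(source_ip)
    return any(ip in net for net in TRUSTED_NETS)


def decide(entries, host, port, source_ip, presented_key):
    """Return 'accept', 'learn' (TOFU) or 'reject' for a presented host key.

    A stored key that differs from the presented one is always rejected,
    regardless of network: that is the key-changed / possible-MITM case.
    """
    known = entries.get(host_pattern(host, port))
    if known is not None:
        return "accept" if known == presented_key else "reject"
    if tofu_allowed(source_ip):
        return "learn"   # first contact from a trusted network: record the key
    return "reject"      # first contact from the open Internet: must pre-provision


if __name__ == "__main__":
    e = parse_known_hosts(KNOWN_HOSTS)
    key = e["bastion.example.net"]
    print(decide(e, "bastion.example.net", 22, "203.0.113.5", key))
    print(decide(e, "new.example.net", 22, "10.1.2.3", key))
    print(decide(e, "new.example.net", 22, "203.0.113.5", key))
```

Run it as a script to see the three outcomes; in practice the "learn" branch would append the key to known_hosts, and the "reject" branch corresponds to the server-side enforcement the thread is discussing, where a client that has no stored key is simply not given one to pick up.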