[Secure-testing-team] Bug#481860: openssh-server upgrade didn't remove all compromised keys from /etc/ssh
Vincent Lefevre
vincent at vinc17.org
Mon May 19 02:28:46 UTC 2008
Package: openssh-server
Version: 1:4.7p1-10
Severity: grave
Tags: security
Justification: user security hole
When I upgraded openssh-server, ssh_host_dsa_key was replaced
because it was compromised, but ssh_host_rsa_key was not, even though
this one was compromised too!
$ ll /etc/ssh
-rw-r--r-- 1 root root 2064867 2008-05-13 16:23:21 blacklist.DSA-1024
-rw-r--r-- 1 root root 2064867 2008-05-17 17:03:45 blacklist.RSA-1024
-rw-r--r-- 1 root root 2064867 2008-05-13 16:23:21 blacklist.RSA-2048
-rw-r--r-- 1 root root 88039 2003-05-01 15:29:57 moduli
-rw-r--r-- 1 root root 1595 2008-01-11 01:54:42 ssh_config
-rw------- 1 root root 668 2008-05-15 11:12:51 ssh_host_dsa_key
-rw------- 1 root root 668 2008-01-30 16:20:56 ssh_host_dsa_key.broken
-rw-r--r-- 1 root root 598 2008-05-15 11:12:51 ssh_host_dsa_key.pub
-rw-r--r-- 1 root root 602 2008-01-30 16:20:56 ssh_host_dsa_key.pub.broken
-rw------- 1 root root 883 2008-01-30 16:20:56 ssh_host_rsa_key
-rw-r--r-- 1 root root 222 2008-01-30 16:20:56 ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 14274 2008-01-30 16:42:08 ssh_known_hosts
-rw-r--r-- 1 root root 1881 2008-04-17 15:30:22 sshd_config
-rw-r--r-- 1 root root 1873 2008-04-17 15:17:19 sshd_config~
$ for i in /etc/ssh/ssh_host_*pub*; echo $i && ssh-vulnkey $i
/etc/ssh/ssh_host_dsa_key.pub
Not blacklisted: 1024 5f:84:36:c0:a3:4f:86:a3:0e:7b:67:5f:71:4f:46:66 root at vin
/etc/ssh/ssh_host_dsa_key.pub.broken
COMPROMISED: 1024 00:9d:b1:dd:7b:93:6d:92:92:84:1a:19:61:28:cb:6a root at butanol
/etc/ssh/ssh_host_rsa_key.pub
COMPROMISED: 1024 6b:89:cd:4a:c4:f8:c8:b1:7d:60:25:6b:2a:05:af:42 root at butanol
As you can see, the old ssh_host_dsa_key was detected as compromised,
thus renamed to ssh_host_dsa_key.broken and regenerated, but nothing
has been done about the old compromised ssh_host_rsa_key.
So, in short, openssh-server gave incorrect information about
compromised keys. Until now, I thought that all my keys were OK
after the upgrade, but this is now clearly not the case!
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24.5-20080423 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-server depends on:
ii adduser 3.107 add and remove users and groups
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii dpkg 1.14.19 package maintenance system for Deb
ii libc6 2.7-11 GNU C Library: Shared libraries
ii libcomerr2 1.40.8-2 common error description library
ii libkrb53 1.6.dfsg.3-2 MIT Kerberos runtime libraries
ii libpam-modules 0.99.7.1-6 Pluggable Authentication Modules f
ii libpam-runtime 0.99.7.1-6 Runtime support for the PAM librar
ii libpam0g 0.99.7.1-6 Pluggable Authentication Modules l
ii libselinux1 2.0.59-1 SELinux shared libraries
ii libssl0.9.8 0.9.8g-10 SSL shared libraries
ii libwrap0 7.6.q-15 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-12 Linux Standard Base 3.2 init scrip
ii openssh-blacklist 0.2 list of default blacklisted OpenSS
ii openssh-client 1:4.7p1-10 secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages openssh-server recommends:
ii xauth 1:1.0.3-1 X authentication utility
-- debconf information:
* ssh/vulnerable_host_keys:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/encrypted_host_key_but_no_keygen:
ssh/disable_cr_auth: false
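The check and rotation the report walks through by hand, applied to every host key rather than only the DSA one, as an added example that is not part of the report or of the Debian openssh-server package scripts; it assumes the verdict lines printed by ssh-vulnkey start with "COMPROMISED:" as shown above and that each private key has the name of its .pub file without the suffix.

```shell
#!/bin/sh
# Added example, not the Debian postinst: audit every host key in a directory
# with ssh-vulnkey and rotate each one flagged COMPROMISED, whatever its type.

# audit_dir DIR: print each public key path, then its ssh-vulnkey verdict
# line, the same shape as the loop in the report.
audit_dir() {
    dir=${1:?usage: audit_dir DIR}
    for pub in "$dir"/ssh_host_*key.pub; do
        [ -f "$pub" ] || continue
        echo "$pub"
        ssh-vulnkey "$pub" 2>&1 || true   # verdict is taken from the text
    done
}

# compromised_keys: read audit_dir output on stdin and print the private
# key path for every public key whose verdict starts with "COMPROMISED:".
compromised_keys() {
    awk '
        /^\// { keyfile = $0; next }
        /^COMPROMISED:/ { sub(/\.pub$/, "", keyfile); print keyfile }
    '
}

# rotate_key PRIV [dry]: set the pair aside as .broken (as the upgrade did
# for the DSA key) and generate a fresh key of the same type; with "dry"
# the commands are only printed. Clients then see a new fingerprint, so
# ssh_known_hosts entries for this host must be updated as well.
rotate_key() {
    priv=$1; run=
    [ "${2:-}" = dry ] && run=echo
    case $priv in
        *_rsa_key) type=rsa ;;
        *_dsa_key) type=dsa ;;
        *) return 1 ;;          # unknown key type: leave it alone
    esac
    $run mv "$priv" "$priv.broken"
    $run mv "$priv.pub" "$priv.pub.broken"
    $run ssh-keygen -q -N '' -t "$type" -f "$priv"
}

# Constructed sample in the shape of the report's output (for testing).
SAMPLE_AUDIT='/etc/ssh/ssh_host_dsa_key.pub
Not blacklisted: 1024 5f:84:36:c0:a3:4f:86:a3:0e:7b:67:5f:71:4f:46:66 root@host
/etc/ssh/ssh_host_rsa_key.pub
COMPROMISED: 1024 6b:89:cd:4a:c4:f8:c8:b1:7d:60:25:6b:2a:05:af:42 root@host'

# Usage: audit_dir /etc/ssh | compromised_keys | while read -r k; do rotate_key "$k"; done
```

Run it as root once the openssh-blacklist package is installed; pass "dry" as the second argument of rotate_key to review the planned moves before anything is changed.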