Re: Considering dropping ssh-vulnkey from openssh-client

To: debian-devel@lists.debian.org, debian-ssh@lists.debian.org
Subject: Re: Considering dropping ssh-vulnkey from openssh-client
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 15 Sep 2013 00:47:48 +0100
Message-id: <[🔎] 20130914234748.GA23558@riva.ucam.org>
Mail-followup-to: debian-devel@lists.debian.org, debian-ssh@lists.debian.org
In-reply-to: <[🔎] 5390339.vWLLJmp7uf@scott-latitude-e6320>
References: <[🔎] 20130914214913.GL480@riva.ucam.org> <[🔎] 5390339.vWLLJmp7uf@scott-latitude-e6320>

On Sat, Sep 14, 2013 at 06:45:27PM -0400, Scott Kitterman wrote:
> In the course of some research I was doing recently I recall running across a 
> survey that someone had done about SSH keys in use on the internet.  My vague 
> recollection (it was completely tangential to what I was looking for) was that 
> it found that something like 0.04% of current internet visible keys were 
> vulnerable.

I think you may be thinking of this paper:

  https://factorable.net/weakkeys12.conference.pdf

That lists 53141 live hosts (0.52%) under the category "using Debian
weak keys" (the percentage for TLS was 0.03%, close to your
recollection).  From the context of the rest of the paper I understand
that it is referring to SSH host keys.

This is indeed an alarming number.  However, I can only see a couple of
possibilities here:

 * The host might be running a version of etch without the patches for
   DSA-1576 applied (perhaps it's an embedded device with little in the
   way of upgrade provision, or perhaps it's just negligent sysadmin).
   In this case they have no direct upgrade path to jessie anyway; they
   would have to upgrade via at least one of lenny and squeeze, either
   of which will automatically regenerate vulnerable host keys on
   upgrade.

 * The host might be running something newer, but have taken deliberate
   action to restore the vulnerable host keys after
   openssh-server.postinst regenerated them and to disable the
   blacklisting.  In this case there is no reason to suppose that
   carrying ssh-vulnkey and friends for longer will make any more
   difference than it already has.

My gut feeling is that there are many more of the former than the
latter, on the grounds that negligence is generally more likely than
deliberate action, although from the confused bug mail I got at the time
(from people who didn't realise that we weren't specifically locking
them out of their systems, we were locking *the rest of the world* out
of their systems), I expect a few of the latter too.

Are there any other possibilities here where continuing to carry the
vulnerability-checking code will actually help?  I'm particularly
interested if anyone has experience dealing with cleaning up such a
system they found under a rock.

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

Follow-Ups:
- Re: Considering dropping ssh-vulnkey from openssh-client
  - From: Scott Kitterman <debian@kitterman.com>

References:
- Considering dropping ssh-vulnkey from openssh-client
  - From: Colin Watson <cjwatson@debian.org>
- Re: Considering dropping ssh-vulnkey from openssh-client
  - From: Scott Kitterman <debian@kitterman.com>

Prev by Date: Re: Considering dropping ssh-vulnkey from openssh-client
Next by Date: Bug#492382: marked as done (needs to check /usr/share/ssh for blacklisted keys)
Previous by thread: Re: Considering dropping ssh-vulnkey from openssh-client
Next by thread: Re: Considering dropping ssh-vulnkey from openssh-client
Index(es):
- Date
- Thread