Bug#806962: No supported cipher blowfish breaks systems
On Thu, Dec 03, 2015 at 05:49:19PM +0100, Klaus Ethgen wrote:
> Am Do den 3. Dez 2015 um 17:36 schrieb Colin Watson:
> > Ah, so this is not quite accurate. "blowfish" is an SSH1-only cipher
> > name, and as far as I can tell was never effective for SSH2. OpenSSH
> > 7.0 disables protocol 1, which is perhaps why you're seeing "blowfish"
> > no longer doing anything.
> That might be, but configurations regarding that was still possible.
> With current systems that configuration is an error and ssh fails to
> work at all.
This is true, although I rather suspect that it was in fact an
ineffective configuration in the first place (i.e. blowfish was never in
fact selected). You could easily confirm this by downgrading and using
"ssh -vvv" with your old configuration; in fact, I encourage you to do
so and post the output here.
> > But of course you can make this change after upgrade - it's client-side.
> And if you have ssh-with-key-only root on some systems, it is very hard
> to change that setting in global ssh_config.
You can always override global ssh_config at a per-user level. Your
report is about accessing other systems from an upgraded ssh client,
which means that it is irrelevant whether the remote side is root with
pubkey authentication only or an ordinary user account.
> Why do you bristle that much against documenting that in NEWS.debian.gz
> where it should be!? Currently it is not even mentioned in changelog.
It's right up top, once the problem is correctly understood:
- Support for the legacy SSH version 1 protocol is disabled by default
at compile time.
I'm not bristling against documenting the cryptographic changes in 7.x
in NEWS.Debian, and will probably do so. But I want to actually make
sure that we agree on the problem you're having first!
> > and if you are going to make this kind of
> > choice then you need to own the fact that you'll have to keep it up to
> > date, or maintain your own fork of OpenSSH. Debian will stick with
> > mainline upstream choices here.
> Yea, I still have to have my own debian package of openssh due the fact
> that debian is _not_ sticking to mainline upstream choices and have some
> questionable patches in the package. Patches that upstream refused for
> security reasons. It would be not really more work to enable that too
Some of those are historical mistakes that I'm stuck with, and some are
ones I'm gradually working to move away from. That doesn't mean it's OK
to expand the list, particularly since I do in fact strongly agree with
disabling protocol 1!
Colin Watson [firstname.lastname@example.org]