Bug#989906: openssh-server: With GSSAPIKeyExchage "yes" openssh presents poor quality key exchange methods
Package: openssh-server
Version: 1:7.9p1-10+deb10u2
Severity: important
Dear Maintainer,
What did I do?
* Configured GSSAPIKeyExchange "yes", because it's a good idea and
the automatic updating of renewed credentials it allows is very,
very useful.
What happened?
* When connecting to the OpenSSH server I see some quite horrible key
exchange methods proposed and accepted:
debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-eipGX3TCiQSrx573bT1o1Q==,gss-group1-sha1-eipGX3TCiQSrx573bT1o1Q==,gss-group14-sha1-eipGX3TCiQSrx573bT1o1Q==
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==
* What outcome did you expect instead?
Something more modern?
Some security scanners have started reporting at least
gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g== as a vulnerability, e.g. Qualys calls it
"QID 38739: Deprecated SSH Cryptographic Settings"
https://qualys-secure.force.com/customer/s/article/000006407
As far as I can tell there is no way of configuring openssh to avoid using
gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==.
-- System Information:
Debian Release: 10.9
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-14-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages openssh-server depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii dpkg 1.19.7
ii libaudit1 1:2.8.4-3
ii libc6 2.28-10
ii libcom-err2 1.44.5-1+deb10u3
ii libgssapi-krb5-2 1.17-3+deb10u1
ii libkrb5-3 1.17-3+deb10u1
ii libpam-modules 1.3.1-5
ii libpam-runtime 1.3.1-5
ii libpam0g 1.3.1-5
ii libselinux1 2.8-1+b1
ii libssl1.1 1.1.1d-0+deb10u6
ii libsystemd0 241-7~deb10u7
ii libwrap0 7.6.q-28
ii lsb-base 10.2019051400
ii openssh-client 1:7.9p1-10+deb10u2
ii openssh-sftp-server 1:7.9p1-10+deb10u2
ii procps 2:3.3.15-2
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages openssh-server recommends:
ii libpam-systemd [logind] 241-7~deb10u7
ii ncurses-term 6.1+20181013-2+deb10u2
ii xauth 1:1.0.10-1
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
pn rssh <none>
pn ssh-askpass <none>
pn ufw <none>
-- debconf information excluded
Reply to: