OpenSSH 8.3 is here and this is what's new

After three months of development, the release of OpenSSH 8.3 has been announced. Its highlight is new protection against an scp attack that lets a malicious server send files under names other than those requested (unlike the earlier scp vulnerability, this attack does not let the server change the destination directory chosen by the user or the permission mask).

In SCP, the server decides which files and directories to send, and the client only checks that the returned object names match what it asked for. The root of the problem is that if the system call that sets file timestamps (utimes) fails, file content is interpreted as file metadata.

When connecting to a server controlled by an attacker, this behaviour can be used to write files with different names and different contents into the user's filesystem when copying with scp, in setups where the timestamp call fails; for example, when utimes is blocked by a SELinux policy or a system-call filter.

The likelihood of real-world attacks is considered minimal, since in typical configurations the timestamp call does not fail. The attack is also not silent: scp reports a data-transfer error.

Goodbye to SHA-1

In addition, the OpenSSH developers once again warned about the upcoming deprecation of algorithms that rely on SHA-1 hashing, given the growing practicality of chosen-prefix collision attacks (the cost of finding a collision is estimated at around $45K).

In one of the upcoming releases they plan to disable by default the ssh-rsa public-key signature algorithm, which is specified in the original SSH protocol RFC and is still widely used in practice.

Possible candidates

To ease the transition to new algorithms, an upcoming OpenSSH release will enable the UpdateHostKeys option by default, so that clients are switched automatically to stronger algorithms.

The recommended algorithms for migration are: rsa-sha2-256/512 (RFC 8332 RSA with SHA-2; supported since OpenSSH 7.2 and already used by default), ssh-ed25519 (supported since OpenSSH 6.5) and ecdsa-sha2-nistp256/384/521 (RFC 5656 ECDSA; supported since OpenSSH 5.7).

Other changes

Since the previous release, "ssh-rsa" and "diffie-hellman-group14-sha1" have been removed from the CASignatureAlgorithms list, which defines the algorithms allowed to sign new certificates. SHA-1 in certificates carries extra risk because an attacker has unlimited time to search for a collision against an existing certificate, whereas an attack on host keys is bounded by the connection timeout (LoginGraceTime).
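As an added example (not part of the original article or of OpenSSH itself), the script below audits the effective client configuration printed by `ssh -G host` for the SHA-1-based algorithms discussed above and checks whether UpdateHostKeys is enabled; the sample output it runs on is constructed, while the algorithm identifiers are the real OpenSSH names.

```python
"""Audit `ssh -G host` output for SHA-1-dependent algorithms (example code)."""

# Algorithm identifiers whose security rests on SHA-1. Note: "ssh-rsa" here is the
# signature algorithm (RSA over SHA-1); an ssh-rsa *key* in known_hosts is still fine
# when signatures are made with rsa-sha2-256/512.
SHA1_ALGORITHMS = {
    "ssh-rsa", "ssh-rsa-cert-v01@openssh.com",
    "ssh-dss", "ssh-dss-cert-v01@openssh.com",
    "diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1",
    "diffie-hellman-group-exchange-sha1",
    "hmac-sha1", "hmac-sha1-96",
    "hmac-sha1-etm@openssh.com", "hmac-sha1-96-etm@openssh.com",
}

# Keywords (as printed in lower case by ssh -G) whose values are algorithm lists.
ALGORITHM_KEYWORDS = {
    "hostkeyalgorithms", "pubkeyacceptedkeytypes", "hostbasedacceptedkeytypes",
    "casignaturealgorithms", "kexalgorithms", "macs",
}

# Constructed sample of `ssh -G host` output: one "keyword value" pair per line.
SAMPLE_SSH_G = """\
user alice
hostkeyalgorithms ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519
casignaturealgorithms ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256
kexalgorithms curve25519-sha256,diffie-hellman-group14-sha1,diffie-hellman-group16-sha512
macs umac-64-etm@openssh.com,hmac-sha2-256,hmac-sha1
updatehostkeys no
"""

def audit(config_text):
    """Return {keyword: [offending values]} for every keyword that needs attention."""
    findings = {}
    for line in config_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1]
        if keyword in ALGORITHM_KEYWORDS:
            weak = [a for a in value.split(",") if a in SHA1_ALGORITHMS]
            if weak:
                findings[keyword] = weak
        elif keyword == "updatehostkeys" and value != "yes":
            findings[keyword] = [value]   # migration helper is off (or "ask")
    return findings

def hardened_value(value):
    """Drop the SHA-1-based entries from a comma-separated algorithm list, keeping order."""
    return ",".join(a for a in value.split(",") if a not in SHA1_ALGORITHMS)
```

Running `audit(SAMPLE_SSH_G)` flags ssh-rsa in HostKeyAlgorithms, diffie-hellman-group14-sha1 in KexAlgorithms, hmac-sha1 in MACs and the disabled UpdateHostKeys, and `hardened_value` gives the list to paste into ssh_config.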

Other notable changes in this release:

  • sftp now rejects a "-1" argument, as ssh and scp already do, instead of accepting and silently ignoring it.
  • In sshd, IgnoreRhosts now takes three values: "yes" to ignore rhosts/shosts, "no" to honour rhosts/shosts, and "shosts-only", which allows ".shosts" but disables ".rhosts".
  • In ssh, %TOKEN expansion is now applied to the LocalForward and RemoteForward options when they are used to forward Unix-domain sockets.
  • ssh can load a public key from the unencrypted envelope of a private-key file when no separate public-key file is present.
  • When ssh and sshd are built with libcrypto, they now use that library's chacha20 implementation instead of the slower built-in portable one.
  • The contents of a binary key revocation list can be dumped with "ssh-keygen -lQf /path".
  • The portable version now detects systems where signals set with the SA_RESTART option interrupt select().
  • Fixed compilation issues on HP-UX and AIX.
  • Fixed compilation issues for the seccomp sandbox on some Linux configurations.
  • Detection of the libfido2 library has been improved, and compilation problems with the --with-security-key-builtin option have been fixed.

How to install OpenSSH 8.3 on Linux?

Those interested in installing this new version of OpenSSH on their systems can, for now, download the source code and compile it on their own machines.

This is because the new version has not yet reached the repositories of the main Linux distributions. The source code can be obtained from the following link.

Once downloaded, unpack the archive with the following command:

tar -xvf openssh-8.3.tar.gz

Enter the newly created directory:

cd openssh-8.3

And compile and install with the following commands:

./configure --prefix=/opt --sysconfdir=/etc/ssh
make
make install

chiwy said:

Thanks for the info :)