Switch to secure signing algorithm for SSH secrets engine #14006
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cipherboy
added
cryptosec
enhancement
secret/ssh
bug
cipherboy
commented
Feb 14, 2022
cipherboy
commented
Feb 14, 2022
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
08941bb to
b4595ef
Compare
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
b4595ef to
0be1e31
Compare
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
0be1e31 to
dbca886
Compare
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
dbca886 to
76b4d60
Compare
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
76b4d60 to
055fd2f
Compare
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
055fd2f to
d6b3386
Compare
stevendpclark
approved these changes
Feb 17, 2022
Related: #11608 Signed-off-by: Alexander Scheel <[email protected]>
As mentioned in the OpenSSH 8.2 release notes, OpenSSH will no longer be accepting ssh-rsa signatures by default as these use the insecure SHA-1 algorithm. For roles in which an explicit signature type wasn't specified, we should change the default from SHA-1 to SHA-256 for security and compatibility with modern OpenSSH releases. See also: https://www.openssh.com/txt/release-8.2 Signed-off-by: Alexander Scheel <[email protected]>
Signed-off-by: Alexander Scheel <[email protected]>
Signed-off-by: Alexander Scheel <[email protected]>
Signed-off-by: Alexander Scheel <[email protected]>
cipherboy
force-pushed
the
cipherboy-switch-to-secure-signer
branch
from
d7513f4 to
679e445
Compare
|
I dropped the |
|
Thanks @stevendpclark for the reviews! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Built on top of #13991; will be rebased once that merges.The default (empty) value for RSA keys,
ssh-rsa, is an insecure default because it uses SHA-1 signing. This has lead to its removal from OpenSSH >= 8.2's default algorithm list. However, the more secure, modern signing algorithms for SSH keys,rsa-sha2-256andrsa-sha2-512, aren't available on platforms with OpenSSH < 7.2.This PR takes an approach of migrating existing SSH roles using the default (empty) value to an explicit
ssh-rsavalue and changing the default todefault, which can change over time as secure defaults change. This explicitdefaultvalue presently usesrsa-sha2-256. Roles can of course still explicitly specify a value if desired.Documentation has been clarified to point out that the legacy value is insecure, what the secure value presently is, and what will occur as a result of migration.
This is motivated by #11608.
Resolves: #11608