import openssh-8.0p1-5.el8
This commit is contained in:
parent
b40f69fe2a
commit
75ca0870c6
@ -20,10 +20,10 @@ diff -up openssh-6.8p1/Makefile.in.ctr-cavs openssh-6.8p1/Makefile.in
|
||||
ssh-xmss.o \
|
||||
@@ -194,6 +195,9 @@ ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) l
|
||||
ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o
|
||||
$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(KEYCATLIBS) $(LIBS)
|
||||
$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS)
|
||||
|
||||
+ctr-cavstest$(EXEEXT): $(LIBCOMPAT) libssh.a ctr-cavstest.o
|
||||
+ $(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
|
||||
+ $(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
||||
+
|
||||
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
|
||||
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
||||
|
@ -62,10 +62,10 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in
|
||||
ssh-xmss.o \
|
||||
@@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
|
||||
ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
|
||||
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lfipscheck $(LIBS) $(LDAPLIBS)
|
||||
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LDAPLIBS)
|
||||
|
||||
+ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o
|
||||
+ $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(KEYCATLIBS) $(LIBS)
|
||||
+ $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS)
|
||||
+
|
||||
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
|
||||
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
||||
|
@ -20,7 +20,7 @@ diff -up openssh-6.8p1/Makefile.in.kdf-cavs openssh-6.8p1/Makefile.in
|
||||
ssh-xmss.o \
|
||||
@@ -198,6 +199,9 @@ ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHD
|
||||
ctr-cavstest$(EXEEXT): $(LIBCOMPAT) libssh.a ctr-cavstest.o
|
||||
$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
|
||||
$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
||||
|
||||
+ssh-cavs$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-cavs.o
|
||||
+ $(LD) -o $@ ssh-cavs.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
@ -171,7 +171,7 @@ diff -up openssh-6.8p1/Makefile.in.ldap openssh-6.8p1/Makefile.in
|
||||
$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
|
||||
|
||||
+ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
|
||||
+ $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lfipscheck $(LIBS) $(LDAPLIBS)
|
||||
+ $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LDAPLIBS)
|
||||
+
|
||||
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
|
||||
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
||||
|
@ -127,50 +127,6 @@ diff -up openssh-7.9p1/kexgexc.c.fips openssh-7.9p1/kexgexc.c
|
||||
p = g = NULL; /* belong to kex->dh now */
|
||||
|
||||
/* generate and send 'e', client DH public key */
|
||||
diff -up openssh-7.9p1/Makefile.in.fips openssh-7.9p1/Makefile.in
|
||||
--- openssh-7.9p1/Makefile.in.fips 2019-03-11 17:06:37.615877984 +0100
|
||||
+++ openssh-7.9p1/Makefile.in 2019-03-11 17:06:37.621878041 +0100
|
||||
@@ -179,25 +179,25 @@ libssh.a: $(LIBSSH_OBJS)
|
||||
$(RANLIB) $@
|
||||
|
||||
ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
|
||||
- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS)
|
||||
+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHLIBS) $(LIBS) $(GSSLIBS)
|
||||
|
||||
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
|
||||
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
|
||||
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
|
||||
|
||||
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
|
||||
$(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
||||
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
|
||||
- $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
+ $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
|
||||
|
||||
ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
|
||||
- $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
+ $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
|
||||
|
||||
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
|
||||
- $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
+ $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
|
||||
|
||||
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o compat.o
|
||||
- $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
+ $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
|
||||
|
||||
ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
|
||||
$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
|
||||
@@ -215,7 +215,7 @@ ssh-cavs$(EXEEXT): $(LIBCOMPAT) libssh.a
|
||||
$(LD) -o $@ ssh-cavs.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
||||
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
|
||||
- $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
||||
+ $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
|
||||
|
||||
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
|
||||
$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
diff -up openssh-7.9p1/myproposal.h.fips openssh-7.9p1/myproposal.h
|
||||
--- openssh-7.9p1/myproposal.h.fips 2018-10-17 02:01:20.000000000 +0200
|
||||
+++ openssh-7.9p1/myproposal.h 2019-03-11 17:06:37.621878041 +0100
|
||||
@ -309,43 +265,25 @@ diff -up openssh-7.9p1/servconf.c.fips openssh-7.9p1/servconf.c
|
||||
diff -up openssh-7.9p1/ssh.c.fips openssh-7.9p1/ssh.c
|
||||
--- openssh-7.9p1/ssh.c.fips 2019-03-11 17:06:37.602877862 +0100
|
||||
+++ openssh-7.9p1/ssh.c 2019-03-11 17:06:37.623878060 +0100
|
||||
@@ -76,6 +76,8 @@
|
||||
@@ -76,6 +76,7 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/err.h>
|
||||
#endif
|
||||
+#include <openssl/crypto.h>
|
||||
+#include <fipscheck.h>
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
#include "openbsd-compat/sys-queue.h"
|
||||
|
||||
@@ -600,6 +602,16 @@ main(int ac, char **av)
|
||||
sanitise_stdfd();
|
||||
|
||||
__progname = ssh_get_progname(av[0]);
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+ SSLeay_add_all_algorithms();
|
||||
+#endif
|
||||
+ if (access("/etc/system-fips", F_OK) == 0)
|
||||
+ if (! FIPSCHECK_verify(NULL, NULL)){
|
||||
+ if (FIPS_mode())
|
||||
+ fatal("FIPS integrity verification test failed.");
|
||||
+ else
|
||||
+ logit("FIPS integrity verification test failed.");
|
||||
+ }
|
||||
|
||||
#ifndef HAVE_SETPROCTITLE
|
||||
/* Prepare for later setproctitle emulation */
|
||||
@@ -1283,6 +1294,10 @@ main(int ac, char **av)
|
||||
|
||||
seed_rng();
|
||||
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("FIPS mode initialized");
|
||||
+ }
|
||||
dump_client_config(&options, host);
|
||||
exit(0);
|
||||
}
|
||||
+
|
||||
/*
|
||||
* Discard other fds that are hanging around. These can cause problem
|
||||
* with backgrounded ssh processes started by ControlPersist.
|
||||
+ if (FIPS_mode()) {
|
||||
+ debug("FIPS mode initialized");
|
||||
+ }
|
||||
|
||||
if (muxclient_command != 0 && options.control_path == NULL)
|
||||
fatal("No ControlPath specified for \"-O\" command");
|
||||
diff -up openssh-7.9p1/sshconnect2.c.fips openssh-7.9p1/sshconnect2.c
|
||||
--- openssh-7.9p1/sshconnect2.c.fips 2019-03-11 17:06:37.580877655 +0100
|
||||
+++ openssh-7.9p1/sshconnect2.c 2019-03-11 17:06:37.623878060 +0100
|
||||
@ -387,7 +325,7 @@ diff -up openssh-7.9p1/sshconnect2.c.fips openssh-7.9p1/sshconnect2.c
|
||||
/* Prefer algorithms that we already have keys for */
|
||||
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
|
||||
compat_pkalg_proposal(
|
||||
@@ -201,29 +201,34 @@ ssh_kex2(char *host, struct sockaddr *ho
|
||||
@@ -201,35 +201,40 @@ ssh_kex2(char *host, struct sockaddr *ho
|
||||
|
||||
#if defined(GSSAPI) && defined(WITH_OPENSSL)
|
||||
if (options.gss_keyex) {
|
||||
@ -395,12 +333,18 @@ diff -up openssh-7.9p1/sshconnect2.c.fips openssh-7.9p1/sshconnect2.c
|
||||
- * client to the key exchange algorithm proposal */
|
||||
- orig = myproposal[PROPOSAL_KEX_ALGS];
|
||||
-
|
||||
- if (options.gss_server_identity)
|
||||
- if (options.gss_server_identity) {
|
||||
- gss_host = xstrdup(options.gss_server_identity);
|
||||
- else if (options.gss_trust_dns)
|
||||
- } else if (options.gss_trust_dns) {
|
||||
- gss_host = remote_hostname(ssh);
|
||||
- else
|
||||
- /* Fall back to specified host if we are using proxy command
|
||||
- * and can not use DNS on that socket */
|
||||
- if (strcmp(gss_host, "UNKNOWN") == 0) {
|
||||
- gss_host = xstrdup(host);
|
||||
- }
|
||||
- } else {
|
||||
- gss_host = xstrdup(host);
|
||||
- }
|
||||
-
|
||||
- gss = ssh_gssapi_client_mechanisms(gss_host,
|
||||
- options.gss_client_identity, options.gss_kex_algorithms);
|
||||
@ -422,12 +366,18 @@ diff -up openssh-7.9p1/sshconnect2.c.fips openssh-7.9p1/sshconnect2.c
|
||||
+ * client to the key exchange algorithm proposal */
|
||||
+ orig = myproposal[PROPOSAL_KEX_ALGS];
|
||||
+
|
||||
+ if (options.gss_server_identity)
|
||||
+ if (options.gss_server_identity) {
|
||||
+ gss_host = xstrdup(options.gss_server_identity);
|
||||
+ else if (options.gss_trust_dns)
|
||||
+ } else if (options.gss_trust_dns) {
|
||||
+ gss_host = remote_hostname(ssh);
|
||||
+ else
|
||||
+ /* Fall back to specified host if we are using proxy command
|
||||
+ * and can not use DNS on that socket */
|
||||
+ if (strcmp(gss_host, "UNKNOWN") == 0) {
|
||||
+ gss_host = xstrdup(host);
|
||||
+ }
|
||||
+ } else {
|
||||
+ gss_host = xstrdup(host);
|
||||
+ }
|
||||
+
|
||||
+ gss = ssh_gssapi_client_mechanisms(gss_host,
|
||||
+ options.gss_client_identity, options.gss_kex_algorithms);
|
||||
@ -456,31 +406,19 @@ diff -up openssh-7.9p1/sshd.c.fips openssh-7.9p1/sshd.c
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@@ -77,6 +78,8 @@
|
||||
@@ -77,6 +78,7 @@
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/rand.h>
|
||||
+#include <openssl/crypto.h>
|
||||
+#include <fipscheck.h>
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
#endif
|
||||
|
||||
@@ -1581,6 +1584,18 @@ main(int ac, char **av)
|
||||
@@ -1581,6 +1584,7 @@ main(int ac, char **av)
|
||||
#endif
|
||||
__progname = ssh_get_progname(av[0]);
|
||||
|
||||
+ OpenSSL_add_all_algorithms();
|
||||
+ if (access("/etc/system-fips", F_OK) == 0)
|
||||
+ if (! FIPSCHECK_verify(NULL, NULL)) {
|
||||
+ openlog(__progname, LOG_PID, LOG_AUTHPRIV);
|
||||
+ if (FIPS_mode()) {
|
||||
+ syslog(LOG_CRIT, "FIPS integrity verification test failed.");
|
||||
+ cleanup_exit(255);
|
||||
+ }
|
||||
+ else
|
||||
+ syslog(LOG_INFO, "FIPS integrity verification test failed.");
|
||||
+ closelog();
|
||||
+ }
|
||||
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
|
||||
saved_argc = ac;
|
||||
rexec_argc = ac;
|
||||
@ -489,7 +427,7 @@ diff -up openssh-7.9p1/sshd.c.fips openssh-7.9p1/sshd.c
|
||||
log_init(__progname, options.log_level, options.log_facility, log_stderr);
|
||||
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("FIPS mode initialized");
|
||||
+ debug("FIPS mode initialized");
|
||||
+ }
|
||||
+
|
||||
/* Chdir to the root directory so that the current disk can be
|
||||
|
@ -1,11 +1,12 @@
|
||||
diff -up openssh-7.7p1/ssh_config.redhat openssh-7.7p1/ssh_config
|
||||
--- openssh-7.7p1/ssh_config.redhat 2018-04-02 07:38:28.000000000 +0200
|
||||
+++ openssh-7.7p1/ssh_config 2018-07-03 10:44:06.522245125 +0200
|
||||
@@ -44,3 +44,7 @@
|
||||
@@ -44,3 +44,8 @@
|
||||
# VisualHostKey no
|
||||
# ProxyCommand ssh -q -W %h:%p gateway.example.com
|
||||
# RekeyLimit 1G 1h
|
||||
+#
|
||||
+# This system is following system-wide crypto policy.
|
||||
+# To modify the system-wide ssh configuration, create a *.conf file under
|
||||
+# /etc/ssh/ssh_config.d/ which will be automatically included below
|
||||
+Include /etc/ssh/ssh_config.d/*.conf
|
||||
@ -66,7 +67,7 @@ diff -up openssh-7.7p1/sshd_config.5.redhat openssh-7.7p1/sshd_config.5
|
||||
diff -up openssh-7.7p1/sshd_config.redhat openssh-7.7p1/sshd_config
|
||||
--- openssh-7.7p1/sshd_config.redhat 2018-04-02 07:38:28.000000000 +0200
|
||||
+++ openssh-7.7p1/sshd_config 2018-07-03 10:45:16.950782466 +0200
|
||||
@@ -10,20 +10,34 @@
|
||||
@@ -10,20 +10,31 @@
|
||||
# possible, but leave them commented. Uncommented options override the
|
||||
# default value.
|
||||
|
||||
@ -89,14 +90,11 @@ diff -up openssh-7.7p1/sshd_config.redhat openssh-7.7p1/sshd_config
|
||||
# Ciphers and keying
|
||||
#RekeyLimit default none
|
||||
|
||||
+# System-wide Crypto policy:
|
||||
+# This system is following system-wide crypto policy. The changes to
|
||||
+# Ciphers, MACs, KexAlgoritms and GSSAPIKexAlgorithsm will not have any
|
||||
+# effect here. They will be overridden by command-line options passed on
|
||||
+# the server start up.
|
||||
+# To opt out, uncomment a line with redefinition of CRYPTO_POLICY=
|
||||
+# variable in /etc/sysconfig/sshd to overwrite the policy.
|
||||
+# For more information, see manual page for update-crypto-policies(8).
|
||||
+# crypto properties (Ciphers, MACs, ...) will not have any effect here.
|
||||
+# They will be overridden by command-line options passed to the server
|
||||
+# on command line.
|
||||
+# Please, check manual pages for update-crypto-policies(8) and sshd_config(5).
|
||||
+
|
||||
# Logging
|
||||
#SyslogFacility AUTH
|
||||
|
@ -1,7 +1,55 @@
|
||||
diff -up openssh-8.0p1/ssh_config.5.crypto-policies openssh-8.0p1/ssh_config.5
|
||||
--- openssh-8.0p1/ssh_config.5.crypto-policies 2019-05-13 14:04:01.999099570 +0200
|
||||
+++ openssh-8.0p1/ssh_config.5 2019-05-13 14:12:36.343923071 +0200
|
||||
@@ -445,12 +445,10 @@ aes256-gcm@openssh.com
|
||||
--- openssh-8.0p1/ssh_config.5.crypto-policies 2020-03-24 17:32:54.821789205 +0100
|
||||
+++ openssh-8.0p1/ssh_config.5 2020-03-24 17:59:58.174122920 +0100
|
||||
@@ -357,17 +357,17 @@ or
|
||||
.Qq *.c.example.com
|
||||
domains.
|
||||
.It Cm CASignatureAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies which algorithms are allowed for signing of certificates
|
||||
by certificate authorities (CAs).
|
||||
-The default is:
|
||||
-.Bd -literal -offset indent
|
||||
-ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
-ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
-.Ed
|
||||
-.Pp
|
||||
.Xr ssh 1
|
||||
will not accept host certificates signed using algorithms other than those
|
||||
specified.
|
||||
+.Pp
|
||||
.It Cm CertificateFile
|
||||
Specifies a file from which the user's certificate is read.
|
||||
A corresponding private key must be provided separately in order
|
||||
@@ -420,16 +420,21 @@ If the option is set to
|
||||
.Cm no ,
|
||||
the check will not be executed.
|
||||
.It Cm Ciphers
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the ciphers allowed and their order of preference.
|
||||
Multiple ciphers must be comma-separated.
|
||||
If the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified ciphers will be appended to the default set
|
||||
+character, then the specified ciphers will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified ciphers (including wildcards) will be removed
|
||||
-from the default set instead of replacing them.
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The supported ciphers are:
|
||||
.Bd -literal -offset indent
|
||||
@@ -445,13 +450,6 @@ aes256-gcm@openssh.com
|
||||
chacha20-poly1305@openssh.com
|
||||
.Ed
|
||||
.Pp
|
||||
@ -11,30 +59,53 @@ diff -up openssh-8.0p1/ssh_config.5.crypto-policies openssh-8.0p1/ssh_config.5
|
||||
-aes128-ctr,aes192-ctr,aes256-ctr,
|
||||
-aes128-gcm@openssh.com,aes256-gcm@openssh.com
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
.Pp
|
||||
-.Pp
|
||||
The list of available ciphers may also be obtained using
|
||||
.Qq ssh -Q cipher .
|
||||
@@ -812,8 +810,10 @@ gss-nistp256-sha256-,
|
||||
.It Cm ClearAllForwardings
|
||||
@@ -800,6 +798,11 @@ command line will be passed untouched to
|
||||
The default is
|
||||
.Dq no .
|
||||
.It Cm GSSAPIKexAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
The list of key exchange algorithms that are offered for GSSAPI
|
||||
key exchange. Possible values are
|
||||
.Bd -literal -offset 3n
|
||||
@@ -812,9 +815,8 @@ gss-nistp256-sha256-,
|
||||
gss-curve25519-sha256-
|
||||
.Ed
|
||||
.Pp
|
||||
-The default is
|
||||
-.Dq gss-gex-sha1-,gss-group14-sha1- .
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
This option only applies to protocol version 2 connections using GSSAPI.
|
||||
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
|
||||
This option only applies to connections using GSSAPI.
|
||||
+.Pp
|
||||
.It Cm HashKnownHosts
|
||||
Indicates that
|
||||
@@ -1123,16 +1123,10 @@ If the specified value begins with a
|
||||
.Xr ssh 1
|
||||
@@ -1114,26 +1115,21 @@ it may be zero or more of:
|
||||
and
|
||||
.Cm pam .
|
||||
.It Cm KexAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the available KEX (Key Exchange) algorithms.
|
||||
Multiple algorithms must be comma-separated.
|
||||
Alternately if the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified methods will be appended to the default set
|
||||
+character, then the specified methods will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified methods (including wildcards) will be removed
|
||||
from the default set instead of replacing them.
|
||||
-from the default set instead of replacing them.
|
||||
-The default is:
|
||||
-.Bd -literal -offset indent
|
||||
-curve25519-sha256,curve25519-sha256@libssh.org,
|
||||
@ -45,14 +116,36 @@ diff -up openssh-8.0p1/ssh_config.5.crypto-policies openssh-8.0p1/ssh_config.5
|
||||
-diffie-hellman-group14-sha256,
|
||||
-diffie-hellman-group14-sha1
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The list of available key exchange algorithms may also be obtained using
|
||||
.Qq ssh -Q kex .
|
||||
@@ -1210,14 +1204,10 @@ The algorithms that contain
|
||||
@@ -1193,33 +1189,29 @@ The default is INFO.
|
||||
DEBUG and DEBUG1 are equivalent.
|
||||
DEBUG2 and DEBUG3 each specify higher levels of verbose output.
|
||||
.It Cm MACs
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the MAC (message authentication code) algorithms
|
||||
in order of preference.
|
||||
The MAC algorithm is used for data integrity protection.
|
||||
Multiple algorithms must be comma-separated.
|
||||
If the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified algorithms will be appended to the default set
|
||||
+character, then the specified algorithms will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified algorithms (including wildcards) will be removed
|
||||
-from the default set instead of replacing them.
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The algorithms that contain
|
||||
.Qq -etm
|
||||
calculate the MAC after encryption (encrypt-then-mac).
|
||||
These are considered safer and their use recommended.
|
||||
.Pp
|
||||
@ -64,17 +157,30 @@ diff -up openssh-8.0p1/ssh_config.5.crypto-policies openssh-8.0p1/ssh_config.5
|
||||
-umac-64@openssh.com,umac-128@openssh.com,
|
||||
-hmac-sha2-256,hmac-sha2-512,hmac-sha1
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
.Pp
|
||||
-.Pp
|
||||
The list of available MAC algorithms may also be obtained using
|
||||
.Qq ssh -Q mac .
|
||||
@@ -1361,17 +1351,10 @@ If the specified value begins with a
|
||||
.It Cm NoHostAuthenticationForLocalhost
|
||||
@@ -1352,27 +1344,21 @@ instead of continuing to execute and pas
|
||||
The default is
|
||||
.Cm no .
|
||||
.It Cm PubkeyAcceptedKeyTypes
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the key types that will be used for public key authentication
|
||||
as a comma-separated list of patterns.
|
||||
Alternately if the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the key types after it will be appended to the default
|
||||
+character, then the key types after it will be appended to the built-in default
|
||||
instead of replacing it.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified key types (including wildcards) will be removed
|
||||
from the default set instead of replacing them.
|
||||
-from the default set instead of replacing them.
|
||||
-The default for this option is:
|
||||
-.Bd -literal -offset 3n
|
||||
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
||||
@ -86,17 +192,61 @@ diff -up openssh-8.0p1/ssh_config.5.crypto-policies openssh-8.0p1/ssh_config.5
|
||||
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
-ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The list of available key types may also be obtained using
|
||||
.Qq ssh -Q key .
|
||||
diff -up openssh-8.0p1/sshd_config.5.crypto-policies openssh-8.0p1/sshd_config.5
|
||||
--- openssh-8.0p1/sshd_config.5.crypto-policies 2019-05-13 14:12:41.226968863 +0200
|
||||
+++ openssh-8.0p1/sshd_config.5 2019-05-13 14:15:14.581406997 +0200
|
||||
@@ -490,12 +490,10 @@ aes256-gcm@openssh.com
|
||||
--- openssh-8.0p1/sshd_config.5.crypto-policies 2020-03-24 17:32:54.802788908 +0100
|
||||
+++ openssh-8.0p1/sshd_config.5 2020-03-24 17:54:13.347740176 +0100
|
||||
@@ -383,16 +383,16 @@ If the argument is
|
||||
then no banner is displayed.
|
||||
By default, no banner is displayed.
|
||||
.It Cm CASignatureAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies which algorithms are allowed for signing of certificates
|
||||
by certificate authorities (CAs).
|
||||
-The default is:
|
||||
-.Bd -literal -offset indent
|
||||
-ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
-ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
-.Ed
|
||||
-.Pp
|
||||
Certificates signed using other algorithms will not be accepted for
|
||||
public key or host-based authentication.
|
||||
+.Pp
|
||||
.It Cm ChallengeResponseAuthentication
|
||||
Specifies whether challenge-response authentication is allowed (e.g. via
|
||||
PAM or through authentication styles supported in
|
||||
@@ -454,16 +454,21 @@ The default is
|
||||
indicating not to
|
||||
.Xr chroot 2 .
|
||||
.It Cm Ciphers
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the ciphers allowed.
|
||||
Multiple ciphers must be comma-separated.
|
||||
If the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified ciphers will be appended to the default set
|
||||
+character, then the specified ciphers will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified ciphers (including wildcards) will be removed
|
||||
-from the default set instead of replacing them.
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The supported ciphers are:
|
||||
.Pp
|
||||
@@ -490,13 +495,6 @@ aes256-gcm@openssh.com
|
||||
chacha20-poly1305@openssh.com
|
||||
.El
|
||||
.Pp
|
||||
@ -106,28 +256,40 @@ diff -up openssh-8.0p1/sshd_config.5.crypto-policies openssh-8.0p1/sshd_config.5
|
||||
-aes128-ctr,aes192-ctr,aes256-ctr,
|
||||
-aes128-gcm@openssh.com,aes256-gcm@openssh.com
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
.Pp
|
||||
-.Pp
|
||||
The list of available ciphers may also be obtained using
|
||||
.Qq ssh -Q cipher .
|
||||
@@ -700,8 +698,10 @@ gss-nistp256-sha256-,
|
||||
.It Cm ClientAliveCountMax
|
||||
@@ -688,6 +686,11 @@ For this to work
|
||||
.Cm GSSAPIKeyExchange
|
||||
needs to be enabled in the server and also used by the client.
|
||||
.It Cm GSSAPIKexAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
The list of key exchange algorithms that are accepted by GSSAPI
|
||||
key exchange. Possible values are
|
||||
.Bd -literal -offset 3n
|
||||
@@ -700,8 +703,6 @@ gss-nistp256-sha256-,
|
||||
gss-curve25519-sha256-
|
||||
.Ed
|
||||
.Pp
|
||||
-The default is
|
||||
-.Dq gss-gex-sha1-,gss-group14-sha1- .
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
This option only applies to protocol version 2 connections using GSSAPI.
|
||||
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
|
||||
This option only applies to connections using GSSAPI.
|
||||
.It Cm HostbasedAcceptedKeyTypes
|
||||
Specifies the key types that will be accepted for hostbased authentication
|
||||
@@ -792,17 +792,10 @@ environment variable.
|
||||
@@ -791,19 +791,13 @@ is specified, the location of the socket
|
||||
.Ev SSH_AUTH_SOCK
|
||||
environment variable.
|
||||
.It Cm HostKeyAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the host key algorithms
|
||||
that the server offers.
|
||||
-The default for this option is:
|
||||
@ -141,14 +303,34 @@ diff -up openssh-8.0p1/sshd_config.5.crypto-policies openssh-8.0p1/sshd_config.5
|
||||
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
-ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
.Pp
|
||||
The list of available key types may also be obtained using
|
||||
.Qq ssh -Q key .
|
||||
@@ -960,14 +953,10 @@ ecdh-sha2-nistp384
|
||||
@@ -922,16 +916,21 @@ Specifies whether to look at .k5login fi
|
||||
The default is
|
||||
.Cm yes .
|
||||
.It Cm KexAlgorithms
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the available KEX (Key Exchange) algorithms.
|
||||
Multiple algorithms must be comma-separated.
|
||||
Alternately if the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified methods will be appended to the default set
|
||||
+character, then the specified methods will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified methods (including wildcards) will be removed
|
||||
-from the default set instead of replacing them.
|
||||
+from the built-in default set instead of replacing them.
|
||||
The supported algorithms are:
|
||||
.Pp
|
||||
.Bl -item -compact -offset indent
|
||||
@@ -961,15 +960,6 @@ ecdh-sha2-nistp384
|
||||
ecdh-sha2-nistp521
|
||||
.El
|
||||
.Pp
|
||||
@ -160,14 +342,36 @@ diff -up openssh-8.0p1/sshd_config.5.crypto-policies openssh-8.0p1/sshd_config.5
|
||||
-diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
|
||||
-diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
.Pp
|
||||
-.Pp
|
||||
The list of available key exchange algorithms may also be obtained using
|
||||
.Qq ssh -Q kex .
|
||||
@@ -1090,14 +1079,10 @@ umac-64-etm@openssh.com
|
||||
.It Cm ListenAddress
|
||||
@@ -1038,17 +1028,22 @@ DEBUG and DEBUG1 are equivalent.
|
||||
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
|
||||
Logging with a DEBUG level violates the privacy of users and is not recommended.
|
||||
.It Cm MACs
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the available MAC (message authentication code) algorithms.
|
||||
The MAC algorithm is used for data integrity protection.
|
||||
Multiple algorithms must be comma-separated.
|
||||
If the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified algorithms will be appended to the default set
|
||||
+character, then the specified algorithms will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified algorithms (including wildcards) will be removed
|
||||
-from the default set instead of replacing them.
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The algorithms that contain
|
||||
.Qq -etm
|
||||
@@ -1091,15 +1086,6 @@ umac-64-etm@openssh.com
|
||||
umac-128-etm@openssh.com
|
||||
.El
|
||||
.Pp
|
||||
@ -179,17 +383,30 @@ diff -up openssh-8.0p1/sshd_config.5.crypto-policies openssh-8.0p1/sshd_config.5
|
||||
-umac-64@openssh.com,umac-128@openssh.com,
|
||||
-hmac-sha2-256,hmac-sha2-512,hmac-sha1
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
.Pp
|
||||
-.Pp
|
||||
The list of available MAC algorithms may also be obtained using
|
||||
.Qq ssh -Q mac .
|
||||
@@ -1455,17 +1440,10 @@ If the specified value begins with a
|
||||
.It Cm Match
|
||||
@@ -1446,27 +1432,21 @@ or equivalent.)
|
||||
The default is
|
||||
.Cm yes .
|
||||
.It Cm PubkeyAcceptedKeyTypes
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the current defaults and how to modify them, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+.Pp
|
||||
Specifies the key types that will be accepted for public key authentication
|
||||
as a list of comma-separated patterns.
|
||||
Alternately if the specified value begins with a
|
||||
.Sq +
|
||||
-character, then the specified key types will be appended to the default set
|
||||
+character, then the specified key types will be appended to the built-in default set
|
||||
instead of replacing them.
|
||||
If the specified value begins with a
|
||||
.Sq -
|
||||
character, then the specified key types (including wildcards) will be removed
|
||||
from the default set instead of replacing them.
|
||||
-from the default set instead of replacing them.
|
||||
-The default for this option is:
|
||||
-.Bd -literal -offset 3n
|
||||
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
||||
@ -201,10 +418,7 @@ diff -up openssh-8.0p1/sshd_config.5.crypto-policies openssh-8.0p1/sshd_config.5
|
||||
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
-ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
-.Ed
|
||||
+The default is handled system-wide by
|
||||
+.Xr crypto-policies 7 .
|
||||
+To see the defaults and how to modify this default, see manual page
|
||||
+.Xr update-crypto-policies 8 .
|
||||
+from the built-in default set instead of replacing them.
|
||||
.Pp
|
||||
The list of available key types may also be obtained using
|
||||
.Qq ssh -Q key .
|
||||
|
302
SOURCES/openssh-8.0p1-entropy.patch
Normal file
302
SOURCES/openssh-8.0p1-entropy.patch
Normal file
@ -0,0 +1,302 @@
|
||||
diff --git a/entropy.c b/entropy.c
|
||||
index 2d483b3..b361a04 100644
|
||||
--- a/entropy.c
|
||||
+++ b/entropy.c
|
||||
@@ -234,6 +234,9 @@ seed_rng(void)
|
||||
}
|
||||
#endif /* OPENSSL_PRNG_ONLY */
|
||||
|
||||
+#ifdef __linux__
|
||||
+ linux_seed();
|
||||
+#endif /* __linux__ */
|
||||
if (RAND_status() != 1)
|
||||
fatal("PRNG is not seeded");
|
||||
|
||||
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
|
||||
index b912dbe..9206337 100644
|
||||
--- a/openbsd-compat/Makefile.in
|
||||
+++ b/openbsd-compat/Makefile.in
|
||||
@@ -20,6 +20,7 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o di
|
||||
port-solaris.o \
|
||||
port-net.o \
|
||||
port-uw.o \
|
||||
+ port-linux-prng.o \
|
||||
port-linux-sshd.o
|
||||
|
||||
.c.o:
|
||||
diff -up openssh-7.4p1/openbsd-compat/port-linux.h.entropy openssh-7.4p1/openbsd-compat/port-linux.h
|
||||
--- openssh-7.4p1/openbsd-compat/port-linux.h.entropy 2016-12-23 18:34:27.747753563 +0100
|
||||
+++ openssh-7.4p1/openbsd-compat/port-linux.h 2016-12-23 18:34:27.769753570 +0100
|
||||
@@ -34,4 +34,6 @@ void oom_adjust_restore(void);
|
||||
void oom_adjust_setup(void);
|
||||
#endif
|
||||
|
||||
+void linux_seed(void);
|
||||
+
|
||||
#endif /* ! _PORT_LINUX_H */
|
||||
diff --git a/openbsd-compat/port-linux-prng.c b/openbsd-compat/port-linux-prng.c
|
||||
new file mode 100644
|
||||
index 0000000..92a617c
|
||||
--- /dev/null
|
||||
+++ b/openbsd-compat/port-linux-prng.c
|
||||
@@ -0,0 +1,78 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2011 - 2020 Red Hat, Inc.
|
||||
+ *
|
||||
+ * Authors:
|
||||
+ * Jan F. Chadima <jchadima@redhat.com>
|
||||
+ * Jakub Jelen <jjelen@redhat.com>
|
||||
+ *
|
||||
+ * Permission to use, copy, modify, and distribute this software for any
|
||||
+ * purpose with or without fee is hereby granted, provided that the above
|
||||
+ * copyright notice and this permission notice appear in all copies.
|
||||
+ *
|
||||
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * Linux-specific portability code - prng support
|
||||
+ */
|
||||
+
|
||||
+#include "includes.h"
|
||||
+
|
||||
+#include <errno.h>
|
||||
+#include <string.h>
|
||||
+#include <openssl/rand.h>
|
||||
+#include <sys/random.h>
|
||||
+
|
||||
+#include "log.h"
|
||||
+
|
||||
+void
|
||||
+linux_seed(void)
|
||||
+{
|
||||
+ char *env = NULL;
|
||||
+ size_t randlen = 14, left;
|
||||
+ unsigned int flags = 0;
|
||||
+ unsigned char buf[256], *p;
|
||||
+
|
||||
+ env = getenv("SSH_USE_STRONG_RNG");
|
||||
+ if (env && strcmp(env, "0") != 0) {
|
||||
+ size_t ienv = atoi(env);
|
||||
+
|
||||
+ /* Max on buffer length */
|
||||
+ if (ienv > sizeof(buf))
|
||||
+ ienv = sizeof(buf);
|
||||
+ /* Minimum is always 14 B */
|
||||
+ if (ienv > randlen)
|
||||
+ randlen = ienv;
|
||||
+ flags = GRND_RANDOM;
|
||||
+ }
|
||||
+
|
||||
+ errno = 0;
|
||||
+ left = randlen;
|
||||
+ p = buf;
|
||||
+ do {
|
||||
+ ssize_t len = getrandom(p, left, flags);
|
||||
+ if (len == -1) {
|
||||
+ if (errno != EINTR) {
|
||||
+ if (flags) {
|
||||
+ /* With the variable present, this is fatal error */
|
||||
+ fatal("Failed to seed from getrandom: %s", strerror(errno));
|
||||
+ } else {
|
||||
+ /* Otherwise we log the issue drop out from here */
|
||||
+ debug("Failed to seed from getrandom: %s", strerror(errno));
|
||||
+ return;
|
||||
+ }
|
||||
+ }
|
||||
+ } else if (len > 0) {
|
||||
+ left -= len;
|
||||
+ p += len;
|
||||
+ }
|
||||
+ } while (left > 0);
|
||||
+
|
||||
+ RAND_seed(buf, randlen);
|
||||
+}
|
||||
diff --git a/ssh-add.1 b/ssh-add.1
|
||||
index 4812448..16305bf 100644
|
||||
--- a/ssh-add.1
|
||||
+++ b/ssh-add.1
|
||||
@@ -161,6 +161,22 @@ to make this work.)
|
||||
Identifies the path of a
|
||||
.Ux Ns -domain
|
||||
socket used to communicate with the agent.
|
||||
+.It Ev SSH_USE_STRONG_RNG
|
||||
+The reseeding of the OpenSSL random generator is usually done from
|
||||
+.Cm getrandom(1)
|
||||
+without any specific flags.
|
||||
+If the
|
||||
+.Cm SSH_USE_STRONG_RNG
|
||||
+environment variable is set to value other than
|
||||
+.Cm 0
|
||||
+the OpenSSL random generator is reseeded from
|
||||
+.Cm getrandom(1)
|
||||
+with GRND_RANDOM flag specified.
|
||||
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||
+Minimum is 14 bytes.
|
||||
+This setting is not recommended on the computers without the hardware
|
||||
+random generator because insufficient entropy causes the connection to
|
||||
+be blocked until enough entropy is available.
|
||||
.El
|
||||
.Sh FILES
|
||||
.Bl -tag -width Ds
|
||||
diff --git a/ssh-agent.1 b/ssh-agent.1
|
||||
index 281ecbd..1a9a635 100644
|
||||
--- a/ssh-agent.1
|
||||
+++ b/ssh-agent.1
|
||||
@@ -201,6 +201,26 @@ sockets used to contain the connection to the authentication agent.
|
||||
These sockets should only be readable by the owner.
|
||||
The sockets should get automatically removed when the agent exits.
|
||||
.El
|
||||
+.Sh ENVIRONMENT
|
||||
+.Bl -tag -width Ds -compact
|
||||
+.Pp
|
||||
+.It Pa SSH_USE_STRONG_RNG
|
||||
+The reseeding of the OpenSSL random generator is usually done from
|
||||
+.Cm getrandom(1)
|
||||
+without any specific flags.
|
||||
+If the
|
||||
+.Cm SSH_USE_STRONG_RNG
|
||||
+environment variable is set to value other than
|
||||
+.Cm 0
|
||||
+the OpenSSL random generator is reseeded from
|
||||
+.Cm getrandom(1)
|
||||
+with GRND_RANDOM flag specified.
|
||||
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||
+Minimum is 14 bytes.
|
||||
+This setting is not recommended on the computers without the hardware
|
||||
+random generator because insufficient entropy causes the connection to
|
||||
+be blocked until enough entropy is available.
|
||||
+.El
|
||||
.Sh SEE ALSO
|
||||
.Xr ssh 1 ,
|
||||
.Xr ssh-add 1 ,
|
||||
diff --git a/ssh-keygen.1 b/ssh-keygen.1
|
||||
index 12e00d4..1b51a4a 100644
|
||||
--- a/ssh-keygen.1
|
||||
+++ b/ssh-keygen.1
|
||||
@@ -832,6 +832,26 @@ Contains Diffie-Hellman groups used for DH-GEX.
|
||||
The file format is described in
|
||||
.Xr moduli 5 .
|
||||
.El
|
||||
+.Sh ENVIRONMENT
|
||||
+.Bl -tag -width Ds -compact
|
||||
+.Pp
|
||||
+.It Pa SSH_USE_STRONG_RNG
|
||||
+The reseeding of the OpenSSL random generator is usually done from
|
||||
+.Cm getrandom(1)
|
||||
+without any specific flags.
|
||||
+If the
|
||||
+.Cm SSH_USE_STRONG_RNG
|
||||
+environment variable is set to value other than
|
||||
+.Cm 0
|
||||
+the OpenSSL random generator is reseeded from
|
||||
+.Cm getrandom(1)
|
||||
+with GRND_RANDOM flag specified.
|
||||
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||
+Minimum is 14 bytes.
|
||||
+This setting is not recommended on the computers without the hardware
|
||||
+random generator because insufficient entropy causes the connection to
|
||||
+be blocked until enough entropy is available.
|
||||
+.El
|
||||
.Sh SEE ALSO
|
||||
.Xr ssh 1 ,
|
||||
.Xr ssh-add 1 ,
|
||||
diff --git a/ssh-keysign.8 b/ssh-keysign.8
|
||||
index 69d0829..02d79f8 100644
|
||||
--- a/ssh-keysign.8
|
||||
+++ b/ssh-keysign.8
|
||||
@@ -80,6 +80,26 @@ must be set-uid root if host-based authentication is used.
|
||||
If these files exist they are assumed to contain public certificate
|
||||
information corresponding with the private keys above.
|
||||
.El
|
||||
+.Sh ENVIRONMENT
|
||||
+.Bl -tag -width Ds -compact
|
||||
+.Pp
|
||||
+.It Pa SSH_USE_STRONG_RNG
|
||||
+The reseeding of the OpenSSL random generator is usually done from
|
||||
+.Cm getrandom(1)
|
||||
+without any specific flags.
|
||||
+If the
|
||||
+.Cm SSH_USE_STRONG_RNG
|
||||
+environment variable is set to value other than
|
||||
+.Cm 0
|
||||
+the OpenSSL random generator is reseeded from
|
||||
+.Cm getrandom(1)
|
||||
+with GRND_RANDOM flag specified.
|
||||
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||
+Minimum is 14 bytes.
|
||||
+This setting is not recommended on the computers without the hardware
|
||||
+random generator because insufficient entropy causes the connection to
|
||||
+be blocked until enough entropy is available.
|
||||
+.El
|
||||
.Sh SEE ALSO
|
||||
.Xr ssh 1 ,
|
||||
.Xr ssh-keygen 1 ,
|
||||
diff --git a/ssh.1 b/ssh.1
|
||||
index 929904b..f65e42f 100644
|
||||
--- a/ssh.1
|
||||
+++ b/ssh.1
|
||||
@@ -1309,6 +1309,25 @@ For more information, see the
|
||||
.Cm PermitUserEnvironment
|
||||
option in
|
||||
.Xr sshd_config 5 .
|
||||
+.Bl -tag -width "SSH_ORIGINAL_COMMAND"
|
||||
+.Pp
|
||||
+.It Ev SSH_USE_STRONG_RNG
|
||||
+The reseeding of the OpenSSL random generator is usually done from
|
||||
+.Cm getrandom(1)
|
||||
+without any specific flags.
|
||||
+If the
|
||||
+.Cm SSH_USE_STRONG_RNG
|
||||
+environment variable is set to value other than
|
||||
+.Cm 0
|
||||
+the OpenSSL random generator is reseeded from
|
||||
+.Cm getrandom(1)
|
||||
+with GRND_RANDOM flag specified.
|
||||
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||
+Minimum is 14 bytes.
|
||||
+This setting is not recommended on the computers without the hardware
|
||||
+random generator because insufficient entropy causes the connection to
|
||||
+be blocked until enough entropy is available.
|
||||
+.El
|
||||
.Sh FILES
|
||||
.Bl -tag -width Ds -compact
|
||||
.It Pa ~/.rhosts
|
||||
diff --git a/sshd.8 b/sshd.8
|
||||
index c2c237f..058d37a 100644
|
||||
--- a/sshd.8
|
||||
+++ b/sshd.8
|
||||
@@ -951,6 +951,26 @@ concurrently for different ports, this contains the process ID of the one
|
||||
started last).
|
||||
The content of this file is not sensitive; it can be world-readable.
|
||||
.El
|
||||
+.Sh ENVIRONMENT
|
||||
+.Bl -tag -width Ds -compact
|
||||
+.Pp
|
||||
+.It Ev SSH_USE_STRONG_RNG
|
||||
+The reseeding of the OpenSSL random generator is usually done from
|
||||
+.Cm getrandom(1)
|
||||
+without any specific flags.
|
||||
+If the
|
||||
+.Cm SSH_USE_STRONG_RNG
|
||||
+environment variable is set to value other than
|
||||
+.Cm 0
|
||||
+the OpenSSL random generator is reseeded from
|
||||
+.Cm getrandom(1)
|
||||
+with GRND_RANDOM flag specified.
|
||||
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||
+Minimum is 14 bytes.
|
||||
+This setting is not recommended on the computers without the hardware
|
||||
+random generator because insufficient entropy causes the connection to
|
||||
+be blocked until enough entropy is available.
|
||||
+.El
|
||||
.Sh IPV6
|
||||
IPv6 address can be used everywhere where IPv4 address. In all entries must be the IPv6 address enclosed in square brackets. Note: The square brackets are metacharacters for the shell and must be escaped in shell.
|
||||
.Sh SEE ALSO
|
||||
|
@ -3265,7 +3265,7 @@ index 36180d07..70dd3665 100644
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@@ -61,10 +61,30 @@
|
||||
@@ -61,10 +61,34 @@
|
||||
|
||||
#define SSH_GSS_OIDTYPE 0x06
|
||||
|
||||
@ -3285,8 +3285,12 @@ index 36180d07..70dd3665 100644
|
||||
+#define KEX_GSS_C25519_SHA256_ID "gss-curve25519-sha256-"
|
||||
+
|
||||
+#define GSS_KEX_DEFAULT_KEX \
|
||||
+ KEX_GSS_GEX_SHA1_ID "," \
|
||||
+ KEX_GSS_GRP14_SHA1_ID
|
||||
+ KEX_GSS_GRP14_SHA256_ID "," \
|
||||
+ KEX_GSS_GRP16_SHA512_ID "," \
|
||||
+ KEX_GSS_NISTP256_SHA256_ID "," \
|
||||
+ KEX_GSS_C25519_SHA256_ID "," \
|
||||
+ KEX_GSS_GRP14_SHA1_ID "," \
|
||||
+ KEX_GSS_GEX_SHA1_ID
|
||||
+
|
||||
typedef struct {
|
||||
char *filename;
|
||||
@ -3492,18 +3496,18 @@ index 41262963..c3c8b274 100644
|
||||
+The list of key exchange algorithms that are offered for GSSAPI
|
||||
+key exchange. Possible values are
|
||||
+.Bd -literal -offset 3n
|
||||
+gss-gex-sha1-,
|
||||
+gss-group1-sha1-,
|
||||
+gss-group14-sha1-,
|
||||
+gss-group14-sha256-,
|
||||
+gss-group16-sha512-,
|
||||
+gss-nistp256-sha256-,
|
||||
+gss-gex-sha1-
|
||||
+gss-group1-sha1-
|
||||
+gss-group14-sha1-
|
||||
+gss-group14-sha256-
|
||||
+gss-group16-sha512-
|
||||
+gss-nistp256-sha256-
|
||||
+gss-curve25519-sha256-
|
||||
+.Ed
|
||||
+.Pp
|
||||
+The default is
|
||||
+.Dq gss-gex-sha1-,gss-group14-sha1- .
|
||||
+This option only applies to protocol version 2 connections using GSSAPI.
|
||||
+.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
|
||||
+This option only applies to connections using GSSAPI.
|
||||
.It Cm HashKnownHosts
|
||||
Indicates that
|
||||
.Xr ssh 1
|
||||
@ -3532,7 +3536,7 @@ index dffee90b..0d0a6cb8 100644
|
||||
xxx_host = host;
|
||||
xxx_hostaddr = hostaddr;
|
||||
|
||||
@@ -193,6 +196,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
|
||||
@@ -193,6 +196,41 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
|
||||
order_hostkeyalgs(host, hostaddr, port));
|
||||
}
|
||||
|
||||
@ -3542,12 +3546,18 @@ index dffee90b..0d0a6cb8 100644
|
||||
+ * client to the key exchange algorithm proposal */
|
||||
+ orig = myproposal[PROPOSAL_KEX_ALGS];
|
||||
+
|
||||
+ if (options.gss_server_identity)
|
||||
+ if (options.gss_server_identity) {
|
||||
+ gss_host = xstrdup(options.gss_server_identity);
|
||||
+ else if (options.gss_trust_dns)
|
||||
+ } else if (options.gss_trust_dns) {
|
||||
+ gss_host = remote_hostname(ssh);
|
||||
+ else
|
||||
+ /* Fall back to specified host if we are using proxy command
|
||||
+ * and can not use DNS on that socket */
|
||||
+ if (strcmp(gss_host, "UNKNOWN") == 0) {
|
||||
+ gss_host = xstrdup(host);
|
||||
+ }
|
||||
+ } else {
|
||||
+ gss_host = xstrdup(host);
|
||||
+ }
|
||||
+
|
||||
+ gss = ssh_gssapi_client_mechanisms(gss_host,
|
||||
+ options.gss_client_identity, options.gss_kex_algorithms);
|
||||
@ -3636,18 +3646,24 @@ index dffee90b..0d0a6cb8 100644
|
||||
{"gssapi-with-mic",
|
||||
userauth_gssapi,
|
||||
userauth_gssapi_cleanup,
|
||||
@@ -698,12 +766,23 @@ userauth_gssapi(struct ssh *ssh)
|
||||
@@ -698,12 +766,29 @@ userauth_gssapi(struct ssh *ssh)
|
||||
OM_uint32 min;
|
||||
int r, ok = 0;
|
||||
gss_OID mech = NULL;
|
||||
+ char *gss_host;
|
||||
+ char *gss_host = NULL;
|
||||
+
|
||||
+ if (options.gss_server_identity)
|
||||
+ if (options.gss_server_identity) {
|
||||
+ gss_host = xstrdup(options.gss_server_identity);
|
||||
+ else if (options.gss_trust_dns)
|
||||
+ } else if (options.gss_trust_dns) {
|
||||
+ gss_host = remote_hostname(ssh);
|
||||
+ else
|
||||
+ /* Fall back to specified host if we are using proxy command
|
||||
+ * and can not use DNS on that socket */
|
||||
+ if (strcmp(gss_host, "UNKNOWN") == 0) {
|
||||
+ gss_host = xstrdup(authctxt->host);
|
||||
+ }
|
||||
+ } else {
|
||||
+ gss_host = xstrdup(authctxt->host);
|
||||
+ }
|
||||
|
||||
/* Try one GSSAPI method at a time, rather than sending them all at
|
||||
* once. */
|
||||
@ -3874,18 +3890,18 @@ index b224f292..2baa6622 100644
|
||||
+The list of key exchange algorithms that are accepted by GSSAPI
|
||||
+key exchange. Possible values are
|
||||
+.Bd -literal -offset 3n
|
||||
+gss-gex-sha1-,
|
||||
+gss-group1-sha1-,
|
||||
+gss-group14-sha1-,
|
||||
+gss-group14-sha256-,
|
||||
+gss-group16-sha512-,
|
||||
+gss-nistp256-sha256-,
|
||||
+gss-gex-sha1-
|
||||
+gss-group1-sha1-
|
||||
+gss-group14-sha1-
|
||||
+gss-group14-sha256-
|
||||
+gss-group16-sha512-
|
||||
+gss-nistp256-sha256-
|
||||
+gss-curve25519-sha256-
|
||||
+.Ed
|
||||
+.Pp
|
||||
+The default is
|
||||
+.Dq gss-gex-sha1-,gss-group14-sha1- .
|
||||
+This option only applies to protocol version 2 connections using GSSAPI.
|
||||
+.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
|
||||
+This option only applies to connections using GSSAPI.
|
||||
.It Cm HostbasedAcceptedKeyTypes
|
||||
Specifies the key types that will be accepted for hostbased authentication
|
||||
as a list of comma-separated patterns.
|
||||
|
107
SOURCES/openssh-8.0p1-keygen-sha2.patch
Normal file
107
SOURCES/openssh-8.0p1-keygen-sha2.patch
Normal file
@ -0,0 +1,107 @@
|
||||
From 4a41d245d6b13bd3882c8dc058dbd2e2b39a9f67 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Fri, 24 Jan 2020 00:27:04 +0000
|
||||
Subject: [PATCH] upstream: when signing a certificate with an RSA key, default
|
||||
to
|
||||
|
||||
a safe signature algorithm (rsa-sha-512) if not is explicitly specified by
|
||||
the user; ok markus@
|
||||
|
||||
OpenBSD-Commit-ID: e05f638f0be6c0266e1d3d799716b461011e83a9
|
||||
---
|
||||
ssh-keygen.c | 14 +++++++++-----
|
||||
1 file changed, 9 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/ssh-keygen.c b/ssh-keygen.c
|
||||
index 564c3c481..f2192edb9 100644
|
||||
--- a/ssh-keygen.c
|
||||
+++ b/ssh-keygen.c
|
||||
@@ -1788,10 +1788,14 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
|
||||
}
|
||||
free(tmp);
|
||||
|
||||
- if (key_type_name != NULL &&
|
||||
- sshkey_type_from_name(key_type_name) != ca->type) {
|
||||
- fatal("CA key type %s doesn't match specified %s",
|
||||
- sshkey_ssh_name(ca), key_type_name);
|
||||
+ if (key_type_name != NULL) {
|
||||
+ if (sshkey_type_from_name(key_type_name) != ca->type) {
|
||||
+ fatal("CA key type %s doesn't match specified %s",
|
||||
+ sshkey_ssh_name(ca), key_type_name);
|
||||
+ }
|
||||
+ } else if (ca->type == KEY_RSA) {
|
||||
+ /* Default to a good signature algorithm */
|
||||
+ key_type_name = "rsa-sha2-512";
|
||||
}
|
||||
|
||||
for (i = 0; i < argc; i++) {
|
||||
|
||||
From 476e3551b2952ef73acc43d995e832539bf9bc4d Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Mon, 20 May 2019 00:20:35 +0000
|
||||
Subject: [PATCH] upstream: When signing certificates with an RSA key, default
|
||||
to
|
||||
|
||||
using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys
|
||||
will therefore be incompatible with OpenSSH < 7.2 unless the default is
|
||||
overridden.
|
||||
|
||||
Document the ability of the ssh-keygen -t flag to override the
|
||||
signature algorithm when signing certificates, and the new default.
|
||||
|
||||
ok deraadt@
|
||||
|
||||
OpenBSD-Commit-ID: 400c9c15013978204c2cb80f294b03ae4cfc8b95
|
||||
---
|
||||
ssh-keygen.1 | 13 +++++++++++--
|
||||
sshkey.c | 9 ++++++++-
|
||||
2 files changed, 19 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/ssh-keygen.1 b/ssh-keygen.1
|
||||
index f29774249..673bf6e2f 100644
|
||||
--- a/ssh-keygen.1
|
||||
+++ b/ssh-keygen.1
|
||||
@@ -35,7 +35,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
-.Dd $Mdocdate: March 5 2019 $
|
||||
+.Dd $Mdocdate: May 20 2019 $
|
||||
.Dt SSH-KEYGEN 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@@ -577,6 +577,15 @@ The possible values are
|
||||
.Dq ed25519 ,
|
||||
or
|
||||
.Dq rsa .
|
||||
+.Pp
|
||||
+This flag may also be used to specify the desired signature type when
|
||||
+signing certificates using a RSA CA key.
|
||||
+The available RSA signature variants are
|
||||
+.Dq ssh-rsa
|
||||
+(SHA1 signatures, not recommended),
|
||||
+.Dq rsa-sha2-256
|
||||
+.Dq rsa-sha2-512
|
||||
+(the default).
|
||||
.It Fl U
|
||||
When used in combination with
|
||||
.Fl s ,
|
||||
diff --git a/sshkey.c b/sshkey.c
|
||||
index 9849cb237..379a579cf 100644
|
||||
--- a/sshkey.c
|
||||
+++ b/sshkey.c
|
||||
@@ -2528,6 +2528,13 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg,
|
||||
strcmp(alg, k->cert->signature_type) != 0)
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
|
||||
+ /*
|
||||
+ * If no signing algorithm or signature_type was specified and we're
|
||||
+ * using a RSA key, then default to a good signature algorithm.
|
||||
+ */
|
||||
+ if (alg == NULL && ca->type == KEY_RSA)
|
||||
+ alg = "rsa-sha2-512";
|
||||
+
|
||||
if ((ret = sshkey_to_blob(ca, &ca_blob, &ca_len)) != 0)
|
||||
return SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
|
||||
|
||||
|
33
SOURCES/openssh-8.0p1-keyscan-rsa-sha2.patch
Normal file
33
SOURCES/openssh-8.0p1-keyscan-rsa-sha2.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From 7250879c72d28275a53f2f220e49646c3e42ef18 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Fri, 12 Jul 2019 04:08:39 +0000
|
||||
Subject: [PATCH] upstream: include SHA2-variant RSA key algorithms in KEX
|
||||
proposal;
|
||||
|
||||
allows ssh-keyscan to harvest keys from servers that disable olde SHA1
|
||||
ssh-rsa. bz#3029 from Jakub Jelen
|
||||
|
||||
OpenBSD-Commit-ID: 9f95ebf76a150c2f727ca4780fb2599d50bbab7a
|
||||
---
|
||||
ssh-keyscan.c | 9 +++++++--
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
|
||||
index d95ba1b37..d383b57b9 100644
|
||||
--- a/ssh-keyscan.c
|
||||
+++ b/ssh-keyscan.c
|
||||
@@ -233,7 +233,12 @@ keygrab_ssh2(con *c)
|
||||
break;
|
||||
case KT_RSA:
|
||||
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
|
||||
- "ssh-rsa-cert-v01@openssh.com" : "ssh-rsa";
|
||||
+ "rsa-sha2-512-cert-v01@openssh.com,"
|
||||
+ "rsa-sha2-256-cert-v01@openssh.com,"
|
||||
+ "ssh-rsa-cert-v01@openssh.com" :
|
||||
+ "rsa-sha2-512,"
|
||||
+ "rsa-sha2-256,"
|
||||
+ "ssh-rsa";
|
||||
break;
|
||||
case KT_ED25519:
|
||||
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
|
||||
|
@ -2583,7 +2583,8 @@ index 70f06bff..59332945 100644
|
||||
}
|
||||
- if (p->nslots == 0) {
|
||||
+ if (m->nslots == 0) {
|
||||
error("%s: provider %s returned no slots", __func__,
|
||||
- error("%s: provider %s returned no slots", __func__,
|
||||
+ debug("%s: provider %s returned no slots", __func__,
|
||||
- provider_id);
|
||||
+ provider_module);
|
||||
ret = -SSH_PKCS11_ERR_NO_SLOTS;
|
||||
|
33
SOURCES/openssh-8.0p1-proxyjump-loops.patch
Normal file
33
SOURCES/openssh-8.0p1-proxyjump-loops.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From de1f3564cd85915b3002859873a37cb8d31ac9ce Mon Sep 17 00:00:00 2001
|
||||
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
|
||||
Date: Tue, 18 Feb 2020 08:49:49 +0000
|
||||
Subject: [PATCH] upstream: Detect and prevent simple configuration loops when
|
||||
using
|
||||
|
||||
ProxyJump. bz#3057, ok djm@
|
||||
|
||||
OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037
|
||||
---
|
||||
ssh.c | 10 +++++++++-
|
||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/ssh.c b/ssh.c
|
||||
index 15aee569e..a983a108b 100644
|
||||
--- a/ssh.c
|
||||
+++ b/ssh.c
|
||||
@@ -1208,6 +1208,14 @@ main(int ac, char **av)
|
||||
if (options.jump_host != NULL) {
|
||||
char port_s[8];
|
||||
const char *sshbin = argv0;
|
||||
+ int port = options.port, jumpport = options.jump_port;
|
||||
+
|
||||
+ if (port <= 0)
|
||||
+ port = default_ssh_port();
|
||||
+ if (jumpport <= 0)
|
||||
+ jumpport = default_ssh_port();
|
||||
+ if (strcmp(options.jump_host, host) == 0 && port == jumpport)
|
||||
+ fatal("jumphost loop via %s", options.jump_host);
|
||||
|
||||
/*
|
||||
* Try to use SSH indicated by argv[0], but fall back to
|
||||
|
44
SOURCES/openssh-8.0p1-rdomain.patch
Normal file
44
SOURCES/openssh-8.0p1-rdomain.patch
Normal file
@ -0,0 +1,44 @@
|
||||
commit 5481d0b4036b33b92c372ee36258ed11bff57d5d
|
||||
Author: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Thu Feb 27 10:07:33 2020 +0100
|
||||
|
||||
Mark the RDomain configuration option unsupported on non-openbsd builds
|
||||
|
||||
diff --git a/servconf.c b/servconf.c
|
||||
index db80e943..153d2525 100644
|
||||
--- a/servconf.c
|
||||
+++ b/servconf.c
|
||||
@@ -698,7 +698,11 @@ static struct {
|
||||
{ "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL },
|
||||
{ "disableforwarding", sDisableForwarding, SSHCFG_ALL },
|
||||
{ "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL },
|
||||
+#if defined(__OpenBSD__)
|
||||
{ "rdomain", sRDomain, SSHCFG_ALL },
|
||||
+#else
|
||||
+ { "rdomain", sUnsupported, SSHCFG_ALL },
|
||||
+#endif
|
||||
{ "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL },
|
||||
{ NULL, sBadOption, 0 }
|
||||
};
|
||||
@@ -2841,7 +2845,9 @@ dump_config(ServerOptions *o)
|
||||
o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG);
|
||||
dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ?
|
||||
o->pubkey_key_types : KEX_DEFAULT_PK_ALG);
|
||||
+#if defined(__OpenBSD__)
|
||||
dump_cfg_string(sRDomain, o->routing_domain);
|
||||
+#endif
|
||||
|
||||
/* string arguments requiring a lookup */
|
||||
dump_cfg_string(sLogLevel, log_level_name(o->log_level));
|
||||
diff --git a/sshd_config.5 b/sshd_config.5
|
||||
index 5dca8981..766e9b90 100644
|
||||
--- a/sshd_config.5
|
||||
+++ b/sshd_config.5
|
||||
@@ -1542,6 +1542,7 @@ will be bound to this
|
||||
If the routing domain is set to
|
||||
.Cm \&%D ,
|
||||
then the domain in which the incoming connection was received will be applied.
|
||||
+This feature is available on OpenBSD only.
|
||||
.It Cm SetEnv
|
||||
Specifies one or more environment variables to set in child sessions started
|
||||
by
|
30
SOURCES/openssh-8.0p1-x11-without-ipv6.patch
Normal file
30
SOURCES/openssh-8.0p1-x11-without-ipv6.patch
Normal file
@ -0,0 +1,30 @@
|
||||
diff --git a/channels.c b/channels.c
|
||||
--- a/channels.c
|
||||
+++ b/channels.c
|
||||
@@ -3933,16 +3933,26 @@ x11_create_display_inet(int x11_display_
|
||||
if (ai->ai_family == AF_INET6)
|
||||
sock_set_v6only(sock);
|
||||
if (x11_use_localhost)
|
||||
set_reuseaddr(sock);
|
||||
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
|
||||
debug2("%s: bind port %d: %.100s", __func__,
|
||||
port, strerror(errno));
|
||||
close(sock);
|
||||
+
|
||||
+ /* do not remove successfully opened
|
||||
+ * sockets if the request failed because
|
||||
+ * the protocol IPv4/6 is not available
|
||||
+ * (e.g. IPv6 may be disabled while being
|
||||
+ * supported)
|
||||
+ */
|
||||
+ if (EADDRNOTAVAIL == errno)
|
||||
+ continue;
|
||||
+
|
||||
for (n = 0; n < num_socks; n++)
|
||||
close(socks[n]);
|
||||
num_socks = 0;
|
||||
break;
|
||||
}
|
||||
socks[num_socks++] = sock;
|
||||
if (num_socks == NUM_SOCKS)
|
||||
break;
|
@ -6,6 +6,12 @@
|
||||
# of DSA key or systemctl mask sshd-keygen@rsa.service to disable RSA key
|
||||
# creation.
|
||||
|
||||
# Do not change this option unless you have hardware random
|
||||
# generator and you REALLY know what you are doing
|
||||
|
||||
SSH_USE_STRONG_RNG=0
|
||||
# SSH_USE_STRONG_RNG=1
|
||||
|
||||
# System-wide crypto policy:
|
||||
# To opt-out, uncomment the following line
|
||||
# CRYPTO_POLICY=
|
||||
|
@ -66,7 +66,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.0p1
|
||||
%global openssh_rel 3
|
||||
%global openssh_rel 5
|
||||
%global pam_ssh_agent_ver 0.10.3
|
||||
%global pam_ssh_agent_rel 7
|
||||
|
||||
@ -216,6 +216,20 @@ Patch963: openssh-8.0p1-openssl-evp.patch
|
||||
Patch964: openssh-8.0p1-openssl-kdf.patch
|
||||
# Use new OpenSSL for PEM export to avoid MD5 dependency (#1712436)
|
||||
Patch965: openssh-8.0p1-openssl-pem.patch
|
||||
# Seed from dev/random if requested (#1785655)
|
||||
Patch966: openssh-8.0p1-entropy.patch
|
||||
# Unbreak ssh-keyscan RSA keys without SHA1 (#1744108)
|
||||
Patch967: openssh-8.0p1-keyscan-rsa-sha2.patch
|
||||
# Detect proxyJump loops in configuration files (#1804099)
|
||||
Patch968: openssh-8.0p1-proxyjump-loops.patch
|
||||
# ssh-keygen should default to SHA2-based signature algorithm (#1790610)
|
||||
Patch969: openssh-8.0p1-keygen-sha2.patch
|
||||
# RDomain is not suported on non-OpenBSD (#1807686)
|
||||
# https://bugzilla.mindrot.org/show_bug.cgi?id=3126
|
||||
Patch970: openssh-8.0p1-rdomain.patch
|
||||
# Do not fail X11 forwarding if IPv6 is disabled (#1662189)
|
||||
# https://bugzilla.mindrot.org/show_bug.cgi?id=2143
|
||||
Patch971: openssh-8.0p1-x11-without-ipv6.patch
|
||||
|
||||
License: BSD
|
||||
Group: Applications/Internet
|
||||
@ -239,7 +253,6 @@ BuildRequires: autoconf, automake, perl-interpreter, perl-generators, zlib-devel
|
||||
BuildRequires: audit-libs-devel >= 2.0.5
|
||||
BuildRequires: util-linux, groff
|
||||
BuildRequires: pam-devel
|
||||
BuildRequires: fipscheck-devel >= 1.3.0
|
||||
BuildRequires: openssl-devel >= 0.9.8j
|
||||
BuildRequires: perl-podlators
|
||||
BuildRequires: systemd-devel
|
||||
@ -270,7 +283,6 @@ BuildRequires: gnupg2
|
||||
Summary: An open source SSH client applications
|
||||
Group: Applications/Internet
|
||||
Requires: openssh = %{version}-%{release}
|
||||
Requires: fipscheck-lib%{_isa} >= 1.3.0
|
||||
Requires: crypto-policies >= 20180306-1
|
||||
|
||||
%package server
|
||||
@ -279,7 +291,6 @@ Group: System Environment/Daemons
|
||||
Requires: openssh = %{version}-%{release}
|
||||
Requires(pre): /usr/sbin/useradd
|
||||
Requires: pam >= 1.0.1-3
|
||||
Requires: fipscheck-lib%{_isa} >= 1.3.0
|
||||
Requires: crypto-policies >= 20180306-1
|
||||
%{?systemd_requires}
|
||||
|
||||
@ -431,6 +442,12 @@ popd
|
||||
%patch963 -p1 -b .openssl-evp
|
||||
%patch964 -p1 -b .openssl-kdf
|
||||
%patch965 -p1 -b .openssl-pem
|
||||
%patch966 -p1 -b .entropy
|
||||
%patch967 -p1 -b .keyscan
|
||||
%patch968 -p1 -b .proxyjump-loops
|
||||
%patch969 -p1 -b .keygen-sha2
|
||||
%patch970 -p1 -b .rdomain
|
||||
%patch971 -p1 -b .x11-ipv6
|
||||
|
||||
%patch200 -p1 -b .audit
|
||||
%patch201 -p1 -b .audit-race
|
||||
@ -556,14 +573,6 @@ make
|
||||
popd
|
||||
%endif
|
||||
|
||||
# Add generation of HMAC checksums of the final stripped binaries
|
||||
%global __spec_install_post \
|
||||
%%{?__debug_package:%%{__debug_install_post}} \
|
||||
%%{__arch_install_post} \
|
||||
%%{__os_install_post} \
|
||||
fipshmac -d $RPM_BUILD_ROOT%{_libdir}/fipscheck $RPM_BUILD_ROOT%{_bindir}/ssh $RPM_BUILD_ROOT%{_sbindir}/sshd \
|
||||
%{nil}
|
||||
|
||||
%check
|
||||
#to run tests use "--with check"
|
||||
%if %{?_with_check:1}%{!?_with_check:0}
|
||||
@ -582,7 +591,6 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/ssh/ldap.conf
|
||||
install -d $RPM_BUILD_ROOT/etc/pam.d/
|
||||
install -d $RPM_BUILD_ROOT/etc/sysconfig/
|
||||
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
install -d $RPM_BUILD_ROOT%{_libdir}/fipscheck
|
||||
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||
install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat
|
||||
install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd
|
||||
@ -653,7 +661,6 @@ getent passwd sshd >/dev/null || \
|
||||
|
||||
%files clients
|
||||
%attr(0755,root,root) %{_bindir}/ssh
|
||||
%attr(0644,root,root) %{_libdir}/fipscheck/ssh.hmac
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
|
||||
%attr(0755,root,root) %{_bindir}/scp
|
||||
%attr(0644,root,root) %{_mandir}/man1/scp.1*
|
||||
@ -680,7 +687,6 @@ getent passwd sshd >/dev/null || \
|
||||
%files server
|
||||
%dir %attr(0711,root,root) %{_var}/empty/sshd
|
||||
%attr(0755,root,root) %{_sbindir}/sshd
|
||||
%attr(0644,root,root) %{_libdir}/fipscheck/sshd.hmac
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/sshd-keygen
|
||||
%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
|
||||
@ -733,6 +739,24 @@ getent passwd sshd >/dev/null || \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Mar 24 2020 Jakub Jelen <jjelen@redhat.com> - 8.0p1-5 + 0.10.3-7
|
||||
- Do not print "no slots" warning by default (#1744220)
|
||||
- Unbreak connecting using gssapi through proxy commands (#1749862)
|
||||
- Document in manual pages that CASignatureAlgorithms are handled by crypto policies (#1790604)
|
||||
- Use SHA2-based signature algorithms by default for signing certificates (#1790610)
|
||||
- Prevent simple ProxyJump loops in configuration files (#1804099)
|
||||
- Teach ssh-keyscan to use SHA2 RSA variants (#1744108)
|
||||
- Do not fail hard if getrandom() is not available and no SSH_USE_STRONG_RNG is specified (#1812120)
|
||||
- Improve wording of crypto policies references in manual pages (#1812854)
|
||||
- Do not break X11 forwarding if IPv6 is disabled (#1662189)
|
||||
- Enable SHA2-based GSSAPI key exchange algorithms by default (#1816226)
|
||||
- Mark RDomain server configuration option unsupported in RHEL (#1807686)
|
||||
- Clarify crypto policies defaults in manual pages (#1724195)
|
||||
- Mention RSA SHA2 variants in ssh-keygen manual page (#1665900)
|
||||
|
||||
* Wed Jan 08 2020 Jakub Jelen <jjelen@redhat.com> - 8.0p1-4 + 0.10.3-7
|
||||
- Restore entropy patch for CC certification (#1785655)
|
||||
|
||||
* Tue Jul 23 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-3 + 0.10.3-7
|
||||
- Fix typos in manual pages (#1668325)
|
||||
- Use the upstream support for PKCS#8 PEM files alongside with the legacy PEM files (#1712436)
|
||||
|
Loading…
Reference in New Issue
Block a user