Created
December 17, 2016 12:15
-
-
Save radekg/91a8468fc6b26de7420b243b617e55af to your computer and use it in GitHub Desktop.
A gem from Hacker News
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Source: https://news.ycombinator.com/item?id=13198567 | |
| Always, always, always generate your own SSH moduli. | |
| reply | |
| notyourwork 4 hours ago [-] | |
| For those uninformed you should expand on this to. It is a great suggestion but a statement like this to a uninformed isn't very helpful. | |
| reply | |
| poisonarena 4 hours ago [-] | |
| please elaborate! | |
| reply | |
| knweiss 1 hour ago [-] | |
| From the OpenSSH moduli(5) man page: | |
| "When performing Diffie-Hellman Group Exchange, sshd(8) | |
| first estimates the size of the modulus required to | |
| produce enough Diffie-Hellman output to sufficiently | |
| key the selected symmetric cipher. sshd(8) then randomly | |
| selects a modulus from /etc/ssh/moduli that best meets | |
| the size requirement." | |
| The problem is | |
| a) OS distributions ship pre-computed moduli in the /etc/ssh/moduli file. I.e. most users don't change these moduli. This facilitates pre-computation attacks. | |
| b) These moduli are often too short (<2048 bit). | |
| You can create your own moduli with ssh-keygen (see the "MODULI GENERATION" section in the ssh-keygen manpage). | |
| FWIW: Here's my open bug for RHEL7 where I try to convince Red Hat to improve the situation (including more details and references): | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1396943 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment