Uploaded image for project: 'MINA SSHD'
  1. MINA SSHD
  2. SSHD-1107

Diffie Hellmann group exchange minimum key size should be configurable for security reasons

Agile BoardAttach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.5.1
    • 2.6.0
    • None

    Description

      Currently the minimum key size for DH group exchange is 1024 bit (for example when using diffie-hellman-group-exchange-sha256 for KEX)

      This is below the current recommendations of 2048 bit (see NIST, Table 2-1 and https://tools.ietf.org/id/draft-ietf-curdle-ssh-kex-sha2-09.html#rfc.section.3.4).

      For compatibility reasons it is still essential to support diffie-hellman-group-exchange-sha256, but the minimum key size should be configurable, so that a server operator can harden its server.

      The minimum size is hardcoded in org.apache.sshd.common.util.security.SecurityUtils#MIN_DHGEX_KEY_SIZE

      This could be made configurable via a system property like one already exists for the maximum (see MAX_DHGEX_KEY_SIZE_PROP)

       

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            lgoldstein Lyor Goldstein
            ahuegendp Achim Hügen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment