diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2022-09-17 10:34:29 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2022-09-17 20:39:02 +1000 |
| commit | 1875042c52a3b950ae5963c9ca3774a4cc7f0380 (patch) | |
| tree | 565cb2e51ec10a389be85eab619cd379d83545ea | |
| parent | 54b333d12e55e6560b328c737d514ff3511f1afd (diff) | |
upstream: Add RequiredRSASize for sshd(8); RSA keys that fall
beneath this limit will be ignored for user and host-based authentication.
Feedback deraadt@ ok markus@
OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
| -rw-r--r-- | auth2-hostbased.c | 7 | ||||
| -rw-r--r-- | auth2-pubkey.c | 7 | ||||
| -rw-r--r-- | servconf.c | 13 | ||||
| -rw-r--r-- | servconf.h | 3 | ||||
| -rw-r--r-- | sshd.c | 9 | ||||
| -rw-r--r-- | sshd_config.5 | 14 |
6 files changed, 46 insertions, 7 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 36b9d2f5..6b517db4 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.49 2022/01/06 22:01:14 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.50 2022/09/17 10:34:29 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -119,6 +119,11 @@ userauth_hostbased(struct ssh *ssh, const char *method) "(null)" : key->cert->signature_type); goto done; } + if ((r = sshkey_check_rsa_length(key, + options.required_rsa_size)) != 0) { + logit_r(r, "refusing %s key", sshkey_type(key)); + goto done; + } if (!authctxt->valid || authctxt->user == NULL) { debug2_f("disabled because of invalid user"); diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 962fd342..5d59febc 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.116 2022/06/15 16:08:25 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.117 2022/09/17 10:34:29 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -175,6 +175,11 @@ userauth_pubkey(struct ssh *ssh, const char *method) "(null)" : key->cert->signature_type); goto done; } + if ((r = sshkey_check_rsa_length(key, + options.required_rsa_size)) != 0) { + logit_r(r, "refusing %s key", sshkey_type(key)); + goto done; + } key_s = format_key(key); if (sshkey_is_cert(key)) ca_s = format_key(key->cert->signature_key); @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.385 2022/06/03 04:30:47 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.386 2022/09/17 10:34:29 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -195,6 +195,7 @@ initialize_server_options(ServerOptions *options) options->fingerprint_hash = -1; options->disable_forwarding = -1; options->expose_userauth_info = -1; + options->required_rsa_size = -1; } /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ @@ -441,6 +442,8 @@ fill_default_server_options(ServerOptions *options) options->expose_userauth_info = 0; if (options->sk_provider == NULL) options->sk_provider = xstrdup("internal"); + if (options->required_rsa_size == -1) + options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; assemble_algorithms(options); @@ -517,6 +520,7 @@ typedef enum { sStreamLocalBindMask, sStreamLocalBindUnlink, sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, + sRequiredRSASize, sDeprecated, sIgnore, sUnsupported } ServerOpCodes; @@ -676,6 +680,7 @@ static struct { { "rdomain", sRDomain, SSHCFG_ALL }, { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, + { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, { NULL, sBadOption, 0 } }; @@ -2438,6 +2443,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, *charptr = xstrdup(arg); break; + case sRequiredRSASize: + intptr = &options->required_rsa_size; + goto parse_int; + case sDeprecated: case sIgnore: case sUnsupported: @@ -2610,6 +2619,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); M_CP_INTOPT(log_level); + M_CP_INTOPT(required_rsa_size); /* * The bind_mask is a mode_t that may be unsigned, so we can't use @@ -2874,6 +2884,7 @@ dump_config(ServerOptions *o) dump_cfg_int(sMaxSessions, o->max_sessions); dump_cfg_int(sClientAliveInterval, o->client_alive_interval); dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); + dump_cfg_int(sRequiredRSASize, o->required_rsa_size); dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); /* formatted integer arguments */ @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.156 2022/03/18 04:04:11 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.157 2022/09/17 10:34:29 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -229,6 +229,7 @@ typedef struct { int expose_userauth_info; u_int64_t timing_secret; char *sk_provider; + int required_rsa_size; /* minimum size of RSA keys */ } ServerOptions; /* Information about the incoming connection as used by Match */ @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.590 2022/07/01 05:08:23 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.591 2022/09/17 10:34:29 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1870,6 +1870,13 @@ main(int ac, char **av) fatal_r(r, "Could not demote key: \"%s\"", options.host_key_files[i]); } + if (pubkey != NULL && (r = sshkey_check_rsa_length(pubkey, + options.required_rsa_size)) != 0) { + error_fr(r, "Host key %s", options.host_key_files[i]); + sshkey_free(pubkey); + sshkey_free(key); + continue; + } sensitive_data.host_keys[i] = key; sensitive_data.host_pubkeys[i] = pubkey; diff --git a/sshd_config.5 b/sshd_config.5 index 867a747d..f5a06637 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.342 2022/06/24 04:27:14 djm Exp $ -.Dd $Mdocdate: June 24 2022 $ +.\" $OpenBSD: sshd_config.5,v 1.343 2022/09/17 10:34:29 djm Exp $ +.Dd $Mdocdate: September 17 2022 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1596,6 +1596,16 @@ is .Cm default none , which means that rekeying is performed after the cipher's default amount of data has been sent or received and no time based rekeying is done. +.It Cm RequiredRSASize +Specifies the minimum RSA key size (in bits) that +.Xr sshd 8 +will accept. +User and host-based authentication keys smaller than this limit will be +refused. +The default is +.Cm 1024 +bits. +Note that this limit may only be raised from the default. .It Cm RevokedKeys Specifies revoked public keys file, or .Cm none |