mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Nodet <gno...@apache.org>
Subject Re: fallback to weaker DH algorithms, moduli file integrity and generating
Date Thu, 16 Oct 2014 21:35:14 GMT
I'm quite reluctant to add code which is completely unused.
I think it should be possible to modify the DHGEX class to leverage that
code if a boolean property is set on the ServerFactoryManager.
Something like MODULI_CHECK_FINGERPRINT and also a MODULI_FINGERPRINT_SALT
and MODULI_FINGERPRINT_URL maybe.
If the first one is true, then use the code you pasted below to actually
verify the fingerprints, else simply ignore it.

If you're wiling to work on that, please create a JIRA issue.

2014-10-15 16:53 GMT+02:00 Pawel Sm7 <pawel.sm7@gmail.com>:

> Hello,
>
> My plan would be not to change Mina SSHD existing classes, but give
> people using Mina SSHD a new class to use fingerprints if needed.
>
>
>
> It could be used e.g.:
>
> In org.apache.sshd.server.kex.DHGEX:
>
> private DH chooseDH(int min, int prf, int max) throws Exception {
>         ModuliFingerprint mf = new ModuliFingerprint();
>         mf.setSalt(.....);
>
>         try {
>             mf.checkModuliFingerprint(MODULI_FILE, MODULI_FINGERPRINT);
>         } catch (Exception e) {
>             throw e;
>         }
> ......
>
> Here if moduli was tampered, fingerprints do not match and exception
> is generated. SSHD is not started.
>
> Earlier you need to generate fingerprint for the existing moduli file
> using createModuliFingerprint() method.
>
>
> I didn't want to update Mina SSHD existing classes because everyone
> who wants to use fingerprints needs to generate its own secret salt
> using setSalt() method as in the example above. It has to be secret,
> so I did not want to force existing SSHD classes to use fingerprints.
>
> Please let me know your opinion.
>
> Regards,
>
> Pawel
>
>
>
> 2014-10-13 17:52 GMT+02:00 Guillaume Nodet <gnodet@apache.org>:
> > How do you plan to change sshd to use this class ?
> >
> > 2014-10-13 17:07 GMT+02:00 Pawel Sm7 <pawel.sm7@gmail.com>:
> >
> >> Hello,
> >>
> >> Please find attached proposal of moduli fingerprint functionality.
> >>
> >> Please let me know if you have any comments and if you plan add this
> >> functionality to Apache Mina SSHD.
> >>
> >> Regards,
> >>
> >> Pawel
> >>
> >>
> >> 2014-04-30 16:36 GMT+02:00 Pawel Sm7 <pawel.sm7@gmail.com>:
> >> > Hello,
> >> >
> >> > I have 3 issues I would like to discuss.
> >> >
> >> > 1. Handling error scenarios if Prime cannot be found.
> >> > Mina does not support fallback to weaker Diffie-Hellman algorithm if
> >> Prime
> >> > cannot be found.
> >> >
> >> > The failure approach of fall-thru to weaker Diffie-Hellman algorithm,
> >> e.g.
> >> > Group14 (embedded within the Code) if Prime cannot be found, either
> due
> >> to
> >> > MODULI File Access Errors or Prime Not Found in the File, is the
> typical
> >> > approach of most SSH Server Implementations.
> >> > OpenSSH follows this paradigm. Also it would help in communications
> >> > robustness.
> >> > It would be also nice to have a log event when the fallback happens.
> >> > Do you agree that this is an issue? When could it be implemented?
> >> >
> >> > 2. Moduli file integrity handling.
> >> > Could you create e.g. a SHA-256 hash fingerprint of the moduli file
> >> > contents, store it somewhere and add validation of moduli file using
> the
> >> > fingerprint.
> >> > This way we can deal with unauthorized tampering of moduli file. It is
> >> > potential security issue.
> >> >
> >> > 3. Moduli file generator
> >> > Is there a roadmap to add a moduli generator so that there’s full
> support
> >> > for group exchange generation and usage within Mina?
> >> > e.g. Primes could be regenerated also when moduli file is corrupted.
> >> >
> >> >
> >> > Regards,
> >> >
> >> > Pawel
> >>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message