-
Story
-
Resolution: Won't Do
-
Undefined
-
None
-
None
-
None
-
Normal
-
sst_security_crypto
-
ssg_security
-
False
-
-
Red Hat Enterprise Linux
Goal
Customers want to be able to connect using ssh from RHEL9 systems to RHEL6 systems for example, or 3rd party appliances only providing ssh-rsa.
The easiest way to do so is to enable SHA1 module, but this makes the whole system quite insecure.
I didn't find any way to implement the functionality without requiring the following operations, which is definitely too complicated:
- First enable SHA1 on the RHEL9 system
# update-crypto-policies --set DEFAULT:SHA1
- Copy opensslcnf and openssh configuration files
# cp /etc/crypto-policies/back-ends/opensslcnf.config /etc/crypto-policies/back-ends/opensslcnf+sha1.config # cp /etc/crypto-policies/back-ends/openssh.config /etc/crypto-policies/back-ends/openssh+sha1.config
- Switch system back to DEFAULT
# update-crypto-policies --set DEFAULT
- Copy openssl configuration file and edit it to use the new openssl configuration
# sed "s#opensslcnf.config#opensslcnf+sha1.config#" /etc/ssl/openssl.cnf > /etc/ssl/openssl+sha1.cnf
- Create a system-wide ssh configuration file matching the host to load the specific openssh configuration file
# vim /etc/ssh/ssh_config.d/10-sha1.conf ... editor opens ... Match host <identifier> Hostname <hostname> Port <port> Include /etc/crypto-policies/back-ends/openssh+sha1.config
The `<identifier>` will be some name referring to the target system+port information.
For example `legacy-1234`. `<hostname>` would be `legacy` and `<port>` 1234. - Finally whenever connecting to the service, set the OPENSSL_CONF variable in the environment when connecting
$ OPENSSL_CONF=/etc/ssl/openssl+sha1.cnf ssh legacy-1234
Clearly this is way too complicated.
It appears reusing the SHA1.pmod module could be a possibility, but this still requires enabling SHA globally for openssl backend, which still loosen the security of the system:
# cat /etc/crypto-policies/policies/modules/SSH-SHA1.pmod hash@openssh-client = SHA1+ hash@openssl = SHA1+ <<<<<< THIS IS REQUIRED BUT SHOULD NOT (IDEALLY) sign@openssh-client = ECDSA-SHA1+ RSA-PSS-SHA1+ RSA-SHA1+ sha1_in_certs@openssh-client = 1
Additional notes
The documentation we have 3.7.1. Examples of opting out of system-wide crypto policies states it's enough to modify the ssh configuration "locally", but in fact it's not true, at least for SHA1:
To opt out of system-wide cryptographic policies for your OpenSSH client, perform one of the following tasks: - For a given user, override the global ssh_config with a user-specific configuration in the ~/.ssh/config file. - For the entire system, specify the cryptographic policy in a drop-in configuration file located in the /etc/ssh/ssh_config.d/ directory, with a two-digit number prefix smaller than 50, so that it lexicographically precedes the 50-redhat.conf file, and with a .conf suffix, for example, 49-crypto-policy-override.conf. See the ssh_config(5) man page for more information.