Bug 25723

Summary: OpenSSH on 4.2 excessively regenerates RSA host key
Product: Base System Reporter: seraf <seraf>
Component: binAssignee: Brian Feldman <green>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description seraf 2001-03-12 06:10:01 UTC 
When an SSH-2 session is started with FreeBSD 4.2's sshd in "Protocol 1,2" mode (i.e., accepting both SSH-1 and SSH-2 protocols), sshd maintains an RSA host key for use with SSH-1. The life of this key, ONCE IT HAS BEEN USED, is controlled by "KeyRegenerationInterval". However, when an SSH-2 connection is established, which does not utilize said key, said key is considered "used" anyway, increasing the number of key regenerations unnecessarily.

How-To-Repeat: /etc/ssh/sshd_config contains "Protocols 1,2" and "KeyRegenerationInterval 1" (to make the bug dramatic ;-). Enter: "ssh -2 somebody@localhost" and then examine your sshd logs. You will see that each time an SSH-2 connection is formed, the SSH-1 RSA host key regenerates unnecessarily.
Comment 1 bsddiy 2001-03-12 06:21:35 UTC 
Hello seraf,

Monday, March 12, 2001, 2:07:31 PM, you wrote:


>>Number:         25723
>>Category:       bin
>>Synopsis:       OpenSSH on 4.2 excessively regenerates RSA host key
>>Confidential:   no
>>Severity:       non-critical
>>Priority:       medium
>>Responsible:    freebsd-bugs
>>State:          open
>>Quarter:        
>>Keywords:       
>>Date-Required:
>>Class:          sw-bug
>>Submitter-Id:   current-users
>>Arrival-Date:   Sun Mar 11 22:10:01 PST 2001
>>Closed-Date:
>>Last-Modified:
>>Originator:     Dominick LaTrappe
>>Release:        4.2-20010212-STABLE
>>Organization:
>>Environment:
s2c> FreeBSD pocks.tdl-m.sambuca 4.2-20010212-STABLE FreeBSD 4.2-20010212-STABLE #4: Wed Feb 13 08:09:25 UTC 2001     sysbuild@protopocks.tdl.dev.sambuca :/usr/src/sys/compile/POCKS_M  i386
>>Description:
s2c> When an SSH-2 session is started with FreeBSD 4.2's sshd in "Protocol 1,2" mode (i.e., accepting both SSH-1 and SSH-2 protocols), sshd maintains an RSA host key for use with SSH-1. The life of
s2c> this key, ONCE IT HAS BEEN USED, is controlled by "KeyRegenerationInterval". However, when an SSH-2 connection is established, which does not utilize said key, said key is considered "used"
s2c> anyway, increasing the number of key regenerations unnecessarily.
>>How-To-Repeat:
s2c> /etc/ssh/sshd_config contains "Protocols 1,2" and "KeyRegenerationInterval 1" (to make the bug dramatic ;-). Enter: "ssh -2 somebody@localhost" and then examine your sshd logs. You will see that
s2c> each time an SSH-2 connection is formed, the SSH-1 RSA host key regenerates unnecessarily.
>>Fix:

I think this is a feature of SSH-2 to avoid key guess attack.

-- 
David Xu
Comment 2 Kris Kennaway freebsd_committer freebsd_triage 2001-03-12 06:28:00 UTC 
Responsible Changed
From-To: freebsd-bugs->green

Brian is the SSH maintainer
Comment 3 Kris Kennaway 2001-07-13 01:26:53 UTC 
On Sun, Mar 11, 2001 at 10:07:31PM -0800, seraf@2600.com wrote:

> When an SSH-2 session is started with FreeBSD 4.2's sshd in
> "Protocol 1,2" mode (i.e., accepting both SSH-1 and SSH-2
> protocols), sshd maintains an RSA host key for use with SSH-1. The
> life of this key, ONCE IT HAS BEEN USED, is controlled by
> "KeyRegenerationInterval". However, when an SSH-2 connection is
> established, which does not utilize said key, said key is considered
> "used" anyway, increasing the number of key regenerations
> unnecessarily.

BTW, this bug should be reported to the OpenSSH developers (see
www.openssh.com), not FreeBSD, since we don't maintain unnecessary
OpenSSH changes separately to the main project.

Kris
Comment 4 Brian Feldman freebsd_committer freebsd_triage 2003-07-13 05:16:17 UTC 
State Changed
From-To: open->closed

Old/not FreeBSD bug.