Debian (and derivatives) OpenSSL-based keys vulnerability

Dominic White

 

Debian (and derivatives) OpenSSL-based keys vulnerability

Debian released a patch to OpenSSL based on a Debian-specific bug resulting in random numbers being used for the secret parts of key generation not being so random (due to the random number generater not being seeded). Quoting from the mailing list announcement:

Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key material for use in X.509 certificates and session keys used in SSL/TLS connections [generated after 2006-09-17]. Keys generated with GnuPG or GNUTLS are not affected, though.

Ubuntu has also released a security announcement stating they too are affected (which likely means other Debian based distros are too, like the Xandros on your Asus EEE PC). In their words:

We consider this an extremely serious vulnerability, and urge all users to act immediately to secure their systems.

In our instance we needed to regenerate several SSH host keys. For ease of use, here are instructions for doing so. Please not these instructions are superceeded by the instructions which will be posted here (but aren't yet).

You can just delete the kys in /etc/ssh and restart ssh. However, I was a bit nervous about visiting our hosting providers cage to fix things and took a more cautious approach.

# sudo
# cd /etc/ssh

Backup your keys
# mkdir backup
# cp ssh_host_*_key* backup/

Generate new ones
# ssh-keygen -b 2048 -t rsa -f ssh_host_rsa_key
# ssh-keygen -b 1024 -t dsa -f ssh_host_dsa_key #FIPS standard says DSA has to be 1024

Fix Permissions
# chown sshd:ssh ssh_host_*_key*
# chmod 400 ssh_host_*_key*
# chmod 444 ssh_host_*_key.pub

Restart SSHD, this isn't stricly necessary, but will use the updated libs, connections will be maintained
# /etc/init.d/ssh restart

I place the fingerprint for the public host key in /etc/issue.net (and uncomment the SSH host banner line in sshd_config). This makes a nice place for me to publically updated the key fingerprints and warn users that the keys have changed for good reason.

As a saftey measure, I also asked users to regenerate their SSH user keys. I still need to update a few self-signed certificates, but none of these are uses for anything serious, so I am not to worried. Debian has released the known weak key detector, although Ubuntu was nice enough to package ssh-vulnkey app with the update.

Wednesday, May 14. 2008
Posted by Dominic White in Security
Comments (0) | Trackbacks (0)

 

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

No comments

Add Comment