oss-sec mailing list archives
Re: OpenSSH key blacklisting
From: Solar Designer <solar () openwall com>
Date: Tue, 27 May 2008 19:44:35 +0400
On Sat, May 17, 2008 at 04:46:30PM +0200, Robert Buchholz wrote:
> Do you have a patch to propose, implementing your idea?
Dmitry V. Levin and I have completed the design of the encoding scheme, and Dmitry implemented it. Now we have:

    blacklist-encode.c - the encoder program;
    blacklist-check.c - the "checker" program, used for testing only;
    openssh-3.6.1p2-owl-blacklist.diff - the patch to sshd.

The patch is against an older version that we still have in Owl (with lots of other patches), but it is trivial to forward-port. In fact, I expect that Dmitry will port it to the newer version in ALT Linux's distributions very soon (if not already). Dmitry - please announce your forward-port in here when you have it.

Dmitry has done fairly extensive testing, but we would not mind others in the community doing more tests and reporting back in here.

We also have openssh-blacklist-0.3-1.bin.bz2, which is used as a "source" in our OpenSSH package. It was generated from ftp://ftp.debian.org/debian/pool/main/o/openssh-blacklist/openssh-blacklist_0.3.tar.gz with:

    cat [DR]SA-{1024,2048}.[bl]e{32,64} | ./blacklist-encode 6 > openssh-blacklist-0.3-1.bin
    bzip2 !$

That is, it contains 48-bit partial fingerprints for 1024-bit and 2048-bit RSA and 1024-bit DSA keys for PID range 1 to 32767 (a total of almost 300k keys). The installed file size is just 1.3 MB, which corresponds to less than 4.5 bytes per fingerprint, and the .bz2 (and .rpm) is just 1.2 MB. Lookups are very quick, and only three small portions of the file are read per lookup, for a total of under 100 bytes of data to read (as far as sshd is concerned).

Neither the code nor the file format is specific to 48-bit partial fingerprints; it is possible to use larger ones by supplying something other than "6" (the size in bytes) on blacklist-encode's command-line. There is a safety check against even smaller values in blacklist-encode.c's main(), although if you really know what you're doing, you can go for 40-bit as well, bringing file size for the same keys to under 1 MB.
Our latest source code may be found here:

    http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/openssh/

(along with lots of other patches to OpenSSH). The pre-encoded blacklist file may be found here:

    ftp://ftp.ru.openwall.com/pub/Owl/pool/sources/openssh/

(and on other mirrors).

I've attached current revisions of the source files and patch mentioned above. This is to encourage community review and comments, and to enable easy quoting of relevant context (please do not overquote).

Please note that this effort was/is supported by CivicActions. It will enable us to receive funding for and get involved in more community activities in the future if you give due credit to both Openwall and CivicActions (especially with website links) when you reuse this stuff.

Thanks in advance for any feedback.

Alexander
Attachment: blacklist-encode.c
Attachment: blacklist-check.c
Attachment: openssh-3.6.1p2-owl-blacklist.diff
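The real encoder and the sshd-side lookup are in the attached files. As an added illustration written for this archive page (not Owl's blacklist-encode.c, not its on-disk format, and not code from anyone in the thread), the C below implements one plausible way to get the two properties Alexander describes: each entry costs less than its own 6-byte length, and a lookup touches only three small regions of the file. The layout (a 2-byte prefix index over 65536 buckets, little-endian integers, tails sorted within a bucket), the choice to keep the leading bytes of a fingerprint, the read_at callback, and the sample fingerprints in the test are all assumptions of this example.

```c
/* Added example (not Owl's blacklist-encode.c, not its file format): a
 * hypothetical two-level encoding of partial fingerprints. The first PREFIX_BYTES
 * select a bucket; only the remaining TAIL_BYTES are stored per sorted entry.
 * Layout (little-endian, assumed): u32 count | u32 index[NBUCKETS + 1] (first
 * entry of each bucket, plus sentinel) | u8 tails[count][TAIL_BYTES]. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define FP_BYTES     6                  /* 48-bit partial fingerprint, as in "blacklist-encode 6" */
#define PREFIX_BYTES 2
#define TAIL_BYTES   (FP_BYTES - PREFIX_BYTES)
#define NBUCKETS     (1u << (8 * PREFIX_BYTES))
#define HDR_BYTES    4u
#define INDEX_BYTES  (4u * (NBUCKETS + 1))

static uint32_t get_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void put_le32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}
static uint32_t bucket_of(const uint8_t *fp) { return (uint32_t)fp[0] << 8 | fp[1]; }
static int cmp_fp(const void *a, const void *b) { return memcmp(a, b, FP_BYTES); }
static int hexval(int c) {
    return c >= '0' && c <= '9' ? c - '0' : c >= 'a' && c <= 'f' ? c - 'a' + 10
         : c >= 'A' && c <= 'F' ? c - 'A' + 10 : -1;
}

/* Truncate a hex-encoded full fingerprint (e.g. 32 MD5 hex digits) to its first
 * FP_BYTES bytes (which bytes Owl keeps is not stated; leading ones are assumed). */
int partial_fp_from_hex(const char *hex, uint8_t out[FP_BYTES]) {
    for (int i = 0; i < 2 * FP_BYTES; i++) {
        int v = hexval((unsigned char)hex[i]);   /* a NUL yields -1, so no overread */
        if (v < 0) return -1;
        out[i / 2] = (uint8_t)(i & 1 ? out[i / 2] | v : v << 4);
    }
    return 0;
}

/* Encode n partial fingerprints (any order, duplicates allowed) into a malloc'd
 * blob; *out_len receives its size. Caller frees. Returns NULL on OOM. */
uint8_t *blacklist_encode(const uint8_t *fps, size_t n, size_t *out_len) {
    uint8_t *sorted = malloc(n * FP_BYTES + 1);
    if (!sorted) return NULL;
    memcpy(sorted, fps, n * FP_BYTES);
    qsort(sorted, n, FP_BYTES, cmp_fp);
    size_t uniq = 0;                              /* squeeze out exact duplicates */
    for (size_t i = 0; i < n; i++)
        if (uniq == 0 || memcmp(sorted + (uniq - 1) * FP_BYTES, sorted + i * FP_BYTES, FP_BYTES))
            memmove(sorted + uniq++ * FP_BYTES, sorted + i * FP_BYTES, FP_BYTES);
    size_t len = HDR_BYTES + INDEX_BYTES + uniq * TAIL_BYTES;
    uint8_t *blob = calloc(len, 1);
    if (!blob) { free(sorted); return NULL; }
    put_le32(blob, (uint32_t)uniq);
    uint8_t *index = blob + HDR_BYTES, *tails = index + INDEX_BYTES;
    size_t e = 0;
    for (uint32_t b = 0; b < NBUCKETS; b++) {     /* walk the sorted list bucket by bucket */
        put_le32(index + 4 * b, (uint32_t)e);
        for (; e < uniq && bucket_of(sorted + e * FP_BYTES) == b; e++)
            memcpy(tails + e * TAIL_BYTES, sorted + e * FP_BYTES + PREFIX_BYTES, TAIL_BYTES);
    }
    put_le32(index + 4 * NBUCKETS, (uint32_t)e);  /* sentinel: end of the last bucket */
    free(sorted); *out_len = len; return blob;
}

/* Reader callback: sshd would pread() the file; a memory-backed one keeps this offline. */
typedef int (*read_at_fn)(void *ctx, size_t off, void *buf, size_t len);
struct mem_reader { const uint8_t *data; size_t len; };
int mem_read_at(void *ctx, size_t off, void *buf, size_t len) {
    const struct mem_reader *r = ctx;
    if (off > r->len || len > r->len - off) return -1;  /* overflow-safe bounds check */
    memcpy(buf, r->data + off, len);
    return 0;
}

/* 1 if fp is blacklisted, 0 if not, -1 if the file is malformed or truncated.
 * At most three reads; *reads (may be NULL) reports how many were made. */
int blacklist_lookup(read_at_fn read_at, void *ctx, const uint8_t *fp, int *reads) {
    uint8_t hdr[HDR_BYTES], idx[8]; int found = 0;
    if (reads) *reads = 1;
    if (read_at(ctx, 0, hdr, HDR_BYTES)) return -1;
    uint32_t count = get_le32(hdr); if (reads) *reads = 2;
    if (read_at(ctx, HDR_BYTES + 4 * (size_t)bucket_of(fp), idx, 8)) return -1;
    uint32_t lo = get_le32(idx), hi = get_le32(idx + 4);
    if (lo > hi || hi > count) return -1;         /* inconsistent index: reject the file */
    if (lo == hi) return 0;                       /* empty bucket: no third read needed */
    size_t n = hi - lo; uint8_t *bucket = malloc(n * TAIL_BYTES);
    if (!bucket) return -1;
    if (reads) *reads = 3;
    if (read_at(ctx, HDR_BYTES + INDEX_BYTES + lo * (size_t)TAIL_BYTES, bucket, n * TAIL_BYTES)) { free(bucket); return -1; }
    for (size_t a = 0, z = n; a < z;) {           /* binary search within the bucket */
        size_t m = a + (z - a) / 2;
        int c = memcmp(fp + PREFIX_BYTES, bucket + m * TAIL_BYTES, TAIL_BYTES);
        if (c == 0) { found = 1; break; }
        if (c < 0) z = m; else a = m + 1;
    }
    free(bucket);
    return found;
}
```

Two practitioner notes on this layout. First, size: for the roughly 300k keys in the Owl file it would cost 4 + 262148 + 300000 * 4 bytes, about 1.46 MB or just under 4.9 bytes per entry, so it is above the "less than 4.5 bytes per fingerprint" Alexander reports and Owl's real format packs tighter; the example only shows the principle. Second, a partial fingerprint blacklist can reject an unrelated, strong key whose fingerprint happens to share the stored bytes. With 48-bit entries and 300k keys, the chance that a random key collides is about 300000 / 2^48, roughly 1e-9; at the 40-bit setting he mentions as an option it rises to about 300000 / 2^40, roughly 3e-7, which is the trade-off behind the size savings. The lookup also refuses a file whose index is inconsistent or truncated rather than silently answering "not blacklisted", since a corrupt blacklist should fail closed on the sshd side.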
Current thread:
- Re: OpenSSH key blacklisting, (continued)
- Re: OpenSSH key blacklisting Robert Buchholz (May 17)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Robert Buchholz (May 17)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Solar Designer (May 18)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Matthias Andree (May 20)
- Re: OpenSSH key blacklisting Solar Designer (May 27)
- Re: OpenSSH key blacklisting Dmitry V. Levin (May 27)
- Re: OpenSSH key blacklisting Tim Brown (May 28)
- Re: OpenSSH key blacklisting Sebastian Krahmer (May 28)
- Re: OpenSSH key blacklisting Tim Brown (Jun 02)
- Re: OpenSSH key blacklisting Sebastian Krahmer (Jun 02)
- Re: OpenSSH key blacklisting Nathanael Hoyle (Jun 04)
- Re: OpenSSH key blacklisting The Fungi (Jun 04)
- Re: OpenSSH key blacklisting Nathanael Hoyle (Jun 04)
- Re: OpenSSH key blacklisting Jonathan Smith (Jun 04)
- Re: OpenSSH key blacklisting Nathanael Hoyle (May 28)