PubkeyAcceptedKeyTypes and ssh-dsa key type

12

0

I'm trying to test the order in which keys are tried. One of the system's users is using DSA, so I'm trying to test it as an option. I'm getting a "Bad key types" error.

$ ssh -vv -p 1522 jwalton@192.168.1.11
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /Users/jwalton/.ssh/config
/Users/jwalton/.ssh/config line 2: Bad key types 'ssh-ed25519,ecdsa-sha2-nistp256,ssh-dsa,ssh-rsa'.

I narrowed it down to ssh-dsa. According to ssh_config(5) (it's actually part of sshd_config(5), but it's listed as a new ssh_config feature in the OpenSSH 7.0 release notes):

 The -Q option of ssh(1) may be used to list supported key types.

However, I can't seem to get it to work:

riemann::~$ ssh -Q 
/usr/local/bin/ssh: option requires an argument -- Q
riemann::~$ ssh -Q dsa
Unsupported query "dsa"
riemann::~$ ssh -Q ssh-dsa
Unsupported query "ssh-dsa"
riemann::~$ ssh -Q ed25529
Unsupported query "ed25529"
riemann::~$ ssh -Q ssh-ed25529
Unsupported query "ssh-ed25529"
riemann::~$ ssh -Q PubkeyAcceptedKeyTypes
Unsupported query "PubkeyAcceptedKeyTypes"

How does one use the ssh -Q option?

What is the key type for ssh-dsa?

jww

Posted 2015-08-26T07:20:06.777

Reputation: 1

Answers

14

Reading manual pages should help you:

 -Q cipher | cipher-auth | mac | kex | key | protocol-version

Queries ssh for the algorithms supported for the specified version 2. The available features are: cipher (supported symmetric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported message integrity codes), kex (key exchange algorithms), key (key types) and protocol-version (supported SSH protocol versions).

Calling ssh -Q key gives you what you want:

ssh -Q key
ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521-cert-v01@openssh.com

This is a new feature in openssh-7.0, so remember that it doesn't have to work in older versions.

The ssh-dsa key type is ssh-dss, and it is disabled by default in this version.

Jakuje

Posted 2015-08-26T07:20:06.777

Reputation: 7 981
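As an added example (not part of the question or this answer), the following POSIX shell script checks every name in a PubkeyAcceptedKeyTypes value against the key types the local ssh reports with `ssh -Q key`, so a wrong name such as ssh-dsa is caught before ssh rejects the whole line with "Bad key types". The `ssh -Q key` sample list is constructed from the OpenSSH 7.1 output above and is only used when no ssh with `-Q` support is installed.

```shell
#!/bin/sh
# Added example: validate a PubkeyAcceptedKeyTypes value against the key
# types this ssh actually supports (`ssh -Q key`). A single unknown name
# (e.g. ssh-dsa instead of ssh-dss) makes ssh reject the entire line.

# Sample `ssh -Q key` output, constructed from the OpenSSH 7.1 list in the
# answer; used as a fallback when the local ssh does not support -Q.
SUPPORTED_KEYS_SAMPLE='ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com'

# Print the real list if the local ssh understands -Q, else the sample.
supported_keys() {
    if command -v ssh >/dev/null 2>&1 && ssh -Q key >/dev/null 2>&1; then
        ssh -Q key
    else
        printf '%s\n' "$SUPPORTED_KEYS_SAMPLE"
    fi
}

# check_key_types "<newline-separated known types>" "<config value>"
# The value is taken as written in ssh_config: a comma-separated list,
# optionally prefixed with '+' (append to the defaults, as in +ssh-dss).
# Prints each unknown name and returns 1 if there was any, 0 otherwise.
check_key_types() {
    known=$1
    value=${2#+}
    bad=0
    for name in $(printf '%s\n' "$value" | tr ',' '\n'); do
        if ! printf '%s\n' "$known" | grep -qxF -- "$name"; then
            printf 'unknown key type: %s\n' "$name"
            bad=1
        fi
    done
    return $bad
}

# Demo: validate the value given as $1, defaulting to the fix from this
# answer; a non-zero exit status means ssh would reject that line.
check_key_types "$(supported_keys)" "${1:-+ssh-dss}"
```

On a current OpenSSH that no longer lists ssh-dss at all, the demo reports ssh-dss itself as unknown, which is exactly the signal that the `+ssh-dss` workaround can no longer work there.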

Thanks. What man page were you in? – jww – 2015-08-26T13:13:21.400

"ssh-dsa key type is ssh-dss and it is disabled by default in this version." - OK, thanks. Is there a reason it is disabled by default? DSA2 has 112-bits of security (equivalent to 2048-bit RSA), so it's not weak/wounded like a 512-bit or 768-bit moduli. Also, DSS includes RSA and ECDSA, so it's clearly disabling DSA, and not DSS. – jww – 2015-08-26T13:16:59.013

man ssh; The original reasoning behind disabling these protocols was not publicly stated, but the fact is that this algorithm came from NIST, maybe the requirement for a good entropy source. We can guess or ask on http://security.stackexchange.com

– Jakuje – 2015-08-26T14:37:46.400

Not in the man pages here with Fedora 23 beta; but ssh -Q key does work. Unfortunately the keys on my machine are not supported now. – mikebabcock – 2015-09-28T01:56:24.710

@Jakuje - to play devil's advocate: "...but the fact is that this algorithm came from NIST,..." - If DSA is a problem, then they need to disable ECDSA, too. The only thing that changed between them is the underlying field (Integers vs Elliptic Curves). – jww – 2015-09-28T04:08:02.797

How does one enable DNS then? – Pavel Šimerda – 2015-10-05T21:07:03.423

3

@PavelŠimerda How is this related to DNS? You mean DSA? This is exactly what the PubkeyAcceptedKeyTypes option is for. If you add it to your ssh_config with the +ssh-dss value, you should be able to accept DSA keys on the server. On the server you can use HostKeyAlgorithms as described in the release notes: http://www.openssh.com/txt/release-7.0

– Jakuje – 2015-10-05T21:20:59.760

Of course I meant ssh-dss user authentication keys, sorry. How is that related to ssh_config, that one is for the client, right? Also HostKeyAlgorithms seems to be unrelated as one usually needs DSA just for user authentication. – Pavel Šimerda – 2015-10-13T19:20:36.460

@PavelŠimerda No. DSA can be used both for user authentication keys and server host keys -- both have the same format (and in the latest version are disabled on both sides by default). And this option, as the manual describes, selects which host keys are accepted by the client. – Jakuje – 2015-10-13T19:57:02.483

„No. DSA can be used both for user authentication keys and server host keys“ – I didn't say otherwise, so you're disagreeing with made up arguments and that's not very constructive. – Server has typically several types of host keys and the client can easily choose one. I'm interested in the user authentication key because once that one is not accepted by the server, the user cannot log in. – Pavel Šimerda – 2015-10-14T07:47:48.457

To understand why DSA was disabled you can read for instance this article: https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html

– David Faure – 2016-06-13T15:45:49.700

@DavidFaure It does not explain why it was disabled; it just says it was disabled and how to handle it – Jakuje – 2016-06-13T16:42:42.210

True. Even the linked page, http://www.openssh.com/legacy.html, only says "it is too weak" without more details.

– David Faure – 2016-06-14T18:06:26.033

0

For reference, an answer posted in unix.stackexchange.com helped us fix the issue:

The new openssh version (7.0+) deprecated DSA keys and is not using DSA keys by default (not on the server or the client). The keys are not preferred to be used anymore, so if you can, I would recommend using RSA keys where possible.

If you really need to use DSA keys, you need to explicitly allow them in your client config using

PubkeyAcceptedKeyTypes +ssh-dss

It should be enough to put that line in ~/.ssh/config, as the verbose message is trying to tell you.

https://unix.stackexchange.com/a/247614/39540

Meetai.com

Posted 2015-08-26T07:20:06.777

Reputation: 611