[124247] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: blacklisting the bad ssh keys?

daemon@ATHENA.MIT.EDU (michael taylor)
Thu May 22 14:48:48 2008

Date: Thu, 22 May 2008 13:19:43 -0400
From: "michael taylor" <mctylr@gmail.com>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: cryptography@metzdowd.com
In-Reply-To: <20080514195258.0c1ae32a@cs.columbia.edu>

On Wed, May 14, 2008 at 7:52 PM, Steven M. Bellovin <smb@cs.columbia.edu> wrote:
> Given the published list of bad ssh keys due to the Debian mistake (see
> http://metasploit.com/users/hdm/tools/debian-openssl/), should sshd be
> updated to contain a blacklist of those keys?  I suspect that a Bloom
> filter would be quite compact and efficient.

Debian has two packages, one call openssh-blacklist (1024 DSA and 2048
bit keys RSA keys) ~4MB, and an "unstable" package
openssh-blacklist-extra for non-default key sizes sizes that are
simple lists of blacklisted keys.

current source:
<http://ftp.debian.org/debian/pool/main/o/openssh-blacklist/openssh-blacklist_0.3.tar.gz>

from the README:
-----------------------------------------
The blacklists are separate by architecture, type, and bit size.  The
contents are ordered by process pid, starting at PID 1 and ending at PID
32767.

While generating entries, each possible process ID must be used.  To
help automate this, LD_PRELOAD is used to override the getpid() libc
function.  See "generate-blacklist.sh" for details.  Note that the list
is architecture-specific.
-----------------------------------------

-Michael

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post