* [Cerowrt-devel] Available MACs in dropbear
From: Maciej Soltysiak @ 2014-10-24 17:31 UTC
To: cerowrt-devel
Hi list,
For some reason dropbear doesn't have modern MACs for SSH. On cero
3.10.36 I've got Dropbear SSH client v2013.59:
root@cerowrt:/etc# ssh -m help
ssh: Available MACs:
hmac-sha1-96,hmac-sha1,hmac-md5
(MD5 BTW...)
However, dropbear since v2013.56 has support for sha2
(https://matt.ucc.asn.au/dropbear/CHANGES):
Added hmac-sha2-256 and hmac-sha2-512 support (off by default, use options.h)
It might be that we don't have it enabled in the cero build.
The reason why it hurts me is that I have servers configured according
to bettercrypto.org and I can't connect from cero (rare occasions, but
they happen). I get:
ssh: Connection to user@server.com:22 exited: No matching algo mac c->s
I apologize for not looking at github, but I'm really low on time :-((
Do we have sha2 in dropbear in later cero versions or do we have to
modify the build?
I wonder what openwrt has configured...
Best regards,
Maciej
* Re: [Cerowrt-devel] Available MACs in dropbear
From: Michael Richardson @ 2014-10-24 17:52 UTC
To: Maciej Soltysiak; +Cc: cerowrt-devel
Maciej Soltysiak <maciej@soltysiak.com> wrote:
> For some reason dropbear doesn't have modern MACs for SSH. On cero
> 3.10.36 I've got Dropbear SSH client v2013.59:
Just to make sure you are clear: hmac-md5 is not subject to any of the
preimage attacks that md5 is subject to. It's not the same thing.
> The reason why it hurts me is that I have servers configured according
> to bettercrypto.org and I can't connect from cero (rare occasions, but
1) MD5 != HMAC-MD5.
2) SSHv2 is not SSL, and POODLE would be impossible against SSHv2 (or IPsec
for that matter).
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
* Re: [Cerowrt-devel] Available MACs in dropbear
From: Maciej Soltysiak @ 2014-10-24 18:40 UTC
To: Michael Richardson; +Cc: cerowrt-devel
On Fri, Oct 24, 2014 at 7:52 PM, Michael Richardson <mcr@sandelman.ca> wrote:
> > The reason why it hurts me is that I have servers configured according
> > to bettercrypto.org and I can't connect from cero (rare occasions, but
>
> 1) MD5 != HMAC-MD5.
That I didn't know, thanks Michael. For some reason bettercrypto.org
people make sure not to use hmac-md5 by suggesting the following:
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
I believe I'd be able to connect if SHA256 or SHA512 was enabled here:
https://github.com/dtaht/cerowrt-3.10/blob/master/package/network/services/dropbear/patches/120-openwrt_options.patch
> 2) SSHv2 is not SSL, and POODLE would be impossible against SSHv2 (or IPsec
> for that matter).
That, I'm aware of, yes.
Best regards,
Maciej
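Added example, not part of the original thread and not dropbear's code: the MAC selection rule from RFC 4253 section 7.1, applied to the two name-lists quoted in the messages above, to show why the handshake ends in "No matching algo mac c->s". The patched client list and its ordering are assumptions made for the illustration.

```python
# Added illustration: SSH MAC negotiation as specified in RFC 4253, section 7.1.
# MACs are negotiated separately per direction (c->s and s->c); the same rule
# applies to each, so a single pair of lists is enough to show the failure.

CLIENT_MACS = "hmac-sha1-96,hmac-sha1,hmac-md5"  # dropbear `ssh -m help` output
SERVER_MACS = ("hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,"
               "umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160")


def parse_name_list(value):
    """Split an SSH name-list (comma separated, order = preference)."""
    return [name for name in value.split(",") if name]


def negotiate(client, server):
    """Return the first algorithm on the client's list that the server also
    offers, or None when the lists are disjoint (the client then disconnects)."""
    offered = set(parse_name_list(server))
    for name in parse_name_list(client):
        if name in offered:
            return name
    return None


def missing_on_client(client, server):
    """Server-accepted algorithms the client lacks, in server preference order."""
    have = set(parse_name_list(client))
    return [name for name in parse_name_list(server) if name not in have]


if __name__ == "__main__":
    # Stock build: no overlap, which is the "No matching algo mac c->s" failure.
    print("stock build  :", negotiate(CLIENT_MACS, SERVER_MACS))
    print("enabling any of:", missing_on_client(CLIENT_MACS, SERVER_MACS))

    # Hypothetical build with the two SHA-2 MACs from dropbear's CHANGES enabled.
    # Their position in the client list is an assumption made for this example.
    patched = "hmac-sha2-256,hmac-sha2-512," + CLIENT_MACS
    # The client's order decides, even though the server lists sha2-512 first.
    print("patched build:", negotiate(patched, SERVER_MACS))
```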
* Re: [Cerowrt-devel] Available MACs in dropbear
From: Michael Richardson @ 2014-10-24 18:54 UTC
To: Maciej Soltysiak; +Cc: cerowrt-devel
Maciej Soltysiak <maciej@soltysiak.com> wrote:
>> The reason why it hurts me is that I have servers configured
>> according to bettercrypto.org and I can't connect from cero (rare
>> occasions, but
>>
>> 1) MD5 != HMAC-MD5.
> That I didn't know, thanks Michael. For some reason bettercrypto.org
Yeah, people get very excited over pattern matching of crypto algorithms.
>> 2) SSHv2 is not SSL, and POODLE would be impossible against SSHv2 (or
>> IPsec for that matter).
> That, I'm aware of, yes.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
* Re: [Cerowrt-devel] Available MACs in dropbear
From: Maciej Soltysiak @ 2014-10-25 12:31 UTC
To: Michael Richardson; +Cc: cerowrt-devel
On Fri, Oct 24, 2014 at 8:54 PM, Michael Richardson <mcr@sandelman.ca> wrote:
>
> Maciej Soltysiak <maciej@soltysiak.com> wrote:
> >> The reason why it hurts me is that I have servers configured
> >> according to bettercrypto.org and I can't connect from cero (rare
> >> occasions, but
> >>
> >> 1) MD5 != HMAC-MD5.
> > That I didn't know, thanks Michael. For some reason bettercrypto.org
>
> Yeah, people get very excited over pattern matching of crypto algorithms.
Well, that may be the case. Here though, I'm more interested in introducing
HMAC-SHA2s, than eradicating HMAC-MD5 as my setups wouldn't allow it anyway.
Anyway, Dave, here's the pull request:
https://github.com/dtaht/cerowrt-3.10/pull/1
And here's the commit I'm suggesting:
https://github.com/pysiak/cerowrt-3.10/commit/3cac2227700561272e3476f568318c42975bc813
The request is to patch a patch unfortunately :-)
Can you have a look, please?
Maciej Soltysiak
* Re: [Cerowrt-devel] Available MACs in dropbear
From: Dave Taht @ 2014-10-25 13:36 UTC
To: Maciej Soltysiak; +Cc: cerowrt-devel
I'd argue more in favor of updating to the latest dropbear, pulled anyway.
On Sat, Oct 25, 2014 at 5:31 AM, Maciej Soltysiak <maciej@soltysiak.com> wrote:
> On Fri, Oct 24, 2014 at 8:54 PM, Michael Richardson <mcr@sandelman.ca> wrote:
>>
>> Maciej Soltysiak <maciej@soltysiak.com> wrote:
>> >> The reason why it hurts me is that I have servers configured
>> >> according to bettercrypto.org and I can't connect from cero (rare
>> >> occasions, but
>> >>
>> >> 1) MD5 != HMAC-MD5.
>> > That I didn't know, thanks Michael. For some reason bettercrypto.org
>>
>> Yeah, people get very excited over pattern matching of crypto algorithms.
> Well, that may be the case. Here though, I'm more interested in introducing
> HMAC-SHA2s, than eradicating HMAC-MD5 as my setups wouldn't allow it anyway.
>
> Anyway, Dave, here's the pull request:
> https://github.com/dtaht/cerowrt-3.10/pull/1
> And here's the commit I'm suggesting:
> https://github.com/pysiak/cerowrt-3.10/commit/3cac2227700561272e3476f568318c42975bc813
>
> The request is to patch a patch unfortunately :-)
>
> Can you have a look, please?
> Maciej Soltysiak
--
Dave Täht
thttp://www.bufferbloat.net/projects/bloat/wiki/Upcoming_Talks
* Re: [Cerowrt-devel] Available MACs in dropbear
From: Maciej Soltysiak @ 2014-10-25 15:37 UTC
To: Dave Taht; +Cc: cerowrt-devel
Funny thing. Latest dropbear still has these 2 commented out for some
reason. Maybe it's worth checking upstream.
Maciej
On 25 Oct 2014 15:36, "Dave Taht" <dave.taht@gmail.com> wrote:
> I'd argue more in favor of updating to the latest dropbear, pulled anyway.
>
> On Sat, Oct 25, 2014 at 5:31 AM, Maciej Soltysiak <maciej@soltysiak.com> wrote:
> > On Fri, Oct 24, 2014 at 8:54 PM, Michael Richardson <mcr@sandelman.ca> wrote:
> >>
> >> Maciej Soltysiak <maciej@soltysiak.com> wrote:
> >> >> The reason why it hurts me is that I have servers configured
> >> >> according to bettercrypto.org and I can't connect from cero (rare
> >> >> occasions, but
> >> >>
> >> >> 1) MD5 != HMAC-MD5.
> >> > That I didn't know, thanks Michael. For some reason bettercrypto.org
> >>
> >> Yeah, people get very excited over pattern matching of crypto algorithms.
> > Well, that may be the case. Here though, I'm more interested in introducing
> > HMAC-SHA2s, than eradicating HMAC-MD5 as my setups wouldn't allow it anyway.
> >
> > Anyway, Dave, here's the pull request:
> > https://github.com/dtaht/cerowrt-3.10/pull/1
> > And here's the commit I'm suggesting:
> > https://github.com/pysiak/cerowrt-3.10/commit/3cac2227700561272e3476f568318c42975bc813
> >
> > The request is to patch a patch unfortunately :-)
> >
> > Can you have a look, please?
> > Maciej Soltysiak
>
>
>
> --
> Dave Täht
>
> thttp://www.bufferbloat.net/projects/bloat/wiki/Upcoming_Talks
>