Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ssh keys

6 views
Skip to first unread message

Tor Myklebust

unread,
May 15, 2008, 10:01:04 PM5/15/08
to
Some time ago, Debian uncovered a weakness in their openssl packages
causing key generation to be predictable. Debian also released a tool
(dowkd.pl, called below) that can check whether a key is weak. Having
run it on many campus Linux hosts, I get some rather disturbing results:

tmyklebu@beta:~$ ( ssh caffeine.csclub ./dowkd.pl host `grep linux
/etc/hosts | cut -f 1 -d " " | sort | uniq` 2>&1 ) | grep "weak key"
tmyk...@caffeine.csclub's password:
129.97.152.70: weak key
129.97.152.72: weak key
129.97.152.73: weak key
129.97.152.74: weak key
129.97.152.75: weak key
129.97.152.71: weak key
129.97.152.70: weak key
129.97.152.71: weak key
129.97.152.72: weak key
129.97.152.73: weak key
129.97.152.74: weak key
129.97.152.75: weak key
tmyklebu@beta:~$ getent hosts 129.97.152.70
129.97.152.70 mef-fe02.student.cs.uwaterloo.ca mef-fe02.student.cs
mef-fe02-csserver1net.student.cs fe02-linux.student.cs
tmyklebu@beta:~$ getent hosts 129.97.152.71
129.97.152.71 mef-fe04.student.cs.uwaterloo.ca
tmyklebu@beta:~$ getent hosts 129.97.152.72
129.97.152.72 mef-fe06.student.cs.uwaterloo.ca
tmyklebu@beta:~$ getent hosts 129.97.152.73
129.97.152.73 mef-fe08.student.cs.uwaterloo.ca
tmyklebu@beta:~$ getent hosts 129.97.152.74
129.97.152.74 mef-fe10.student.cs.uwaterloo.ca
tmyklebu@beta:~$ getent hosts 129.97.152.75
129.97.152.75 mef-fe12.student.cs.uwaterloo.ca

This is bad; somebody should regenerate the ssh keys for these hosts.
Somebody should probably also run dowkd against those Debian-based hosts
at UW that don't have "linux" in their names.

Walter Tautz

unread,
May 16, 2008, 9:59:05 AM5/16/08
to

I have taken care of these hosts already.

Walter, CSCF

Consider this iitem done.

Anand K. Mistry

unread,
May 16, 2008, 5:02:49 PM5/16/08
to Walter Tautz

> I have taken care of these hosts already.
>
> Walter, CSCF
>
> Consider this iitem done.

Where can we get a list of ssh keys for the student.cs environment? I
searched the CS website but couldn't find anything.

Thanks,
- Anand

dj3v...@csclub.uwaterloo.ca.invalid

unread,
May 16, 2008, 5:23:08 PM5/16/08
to
In article <slrng2r4pt...@moduli.cscf.uwaterloo.ca>,

Walter Tautz <wta...@uwaterloo.ca> wrote:
>On 2008-05-16, Tor Myklebust <tmyk...@csclub.uwaterloo.ca> wrote:

>> Some time ago, Debian uncovered a weakness in their openssl packages
>> causing key generation to be predictable.

[...]

>I have taken care of these hosts already.
>
>Walter, CSCF

The host key on cpu08.student.cs (not a Linux system) also appears to
have changed. Is that change related to this?

(Also, is there a reasonably trustworthy way that SSH users can be
notified of this kind of change and that the new key is legitimate?)


dave

Walter Tautz

unread,
May 26, 2008, 1:18:04 PM5/26/08
to
There is no real formal list where we store these albeit we sometimes
scan various hosts and store the keys in

https://www.cs.uwaterloo.ca/cscf/software/ssh/data/

However, it is likely these are not up to date. The most up to date keys
are on the hosts themselves. Basically my advice to you is to get rid of
any ssh keys you may have generated to allow for passwordless logins for
example. On a linux host running Ubuntu you can use ssh-vulnkey to check your keys.
In most case all effected hosts have been updated. As a consequence if
you get a message (when logging into one of our linux hosts) about it being unknown or something just delete
.ssh/known_hosts (which by the way ssh-vulnkey will scan) on the host
you are logging in *from*.

walter, cscf

Walter Tautz

unread,
May 26, 2008, 1:24:20 PM5/26/08
to
On 2008-05-16, dj3v...@csclub.uwaterloo.ca.invalid <dj3v...@csclub.uwaterloo.ca.invalid> wrote:
> In article <slrng2r4pt...@moduli.cscf.uwaterloo.ca>,
> Walter Tautz <wta...@uwaterloo.ca> wrote:
>>On 2008-05-16, Tor Myklebust <tmyk...@csclub.uwaterloo.ca> wrote:
>
>>> Some time ago, Debian uncovered a weakness in their openssl packages
>>> causing key generation to be predictable.
> [...]
>
>>I have taken care of these hosts already.
>>
>>Walter, CSCF
>
> The host key on cpu08.student.cs (not a Linux system) also appears to
> have changed. Is that change related to this?

I do not know about this particular host. It's unlikely this would be
related to the particular bug in the debian based packaging.

>
> (Also, is there a reasonably trustworthy way that SSH users can be
> notified of this kind of change and that the new key is legitimate?)

We usually attempt to scan hosts
and store the known keys in

https://www.cs.uwaterloo.ca/cscf/software/ssh/data/

but it may well be out of date as the scanning is done
when manually when enough changes have been made.
You can trust the keys on the main linux servers, i.e.,
the mef-fe##.student.cs hosts.


walter, cscf


>
>
> dave
>

David Gawley

unread,
May 26, 2008, 6:03:15 PM5/26/08
to dj3v...@csclub.uwaterloo.ca
In article <g0ktvs$urb$1...@rumours.uwaterloo.ca>,

CSCF publishes the known_host key files it has permission to scan
for (along with some possibly obsolete keys for the rest of campus) at
https://www.cs.uwaterloo.ca/cscf/software/ssh/data/.

I last updated them on May 21. In the future, I'll try to remember to post
an announcement in uw.cscf.fyi when those files (and their md5 check sums)
are updated.

Dave
CSCF

0 new messages