https://bugzilla.mindrot.org/show_bug.cgi?id=3313 Damien Miller <djm@mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |djm@mindrot.org
Resolution|--- |WONTFIX
--- Comment #1 from Damien Miller <djm@mindrot.org> ---
First, we consider the automatic ordering of host key algorithms an
important feature for security. It provides continuity of trust by
clients across changes in default algorithm preference in ssh and
servers offering hostkeys of different types.
Disabling this feature wholesale would IMO result in a net *loss* of
security as it would force more connections that already have learned a
hostkey to accept a new one of a different algorithm, thereby
needlessly exposing them to MITM risk.
That being said, commit b3855ff (shipped in openssh-8.4) adjusted the
ordering to always use the default if the client has learned a hostkey
matching the best-preference algorithm. openssh-8.5 enabled
UpdateHostkeys by default (with some restrictions) so most users will
automatically learn a best-preference hostkey if one is available at
the server. Between these, most users should end up using the default
algorithm list.
Speaking for myself - I plan to relax the restrictions around
UpdateHostkeys' activation, but do not plan to take other action around
this "vulnerability". In particular, I do not intend to offer an option
to force the use of the default cipher list. IMO too many users would
flip it thinking it solved a security problem when the situation is
actually far more subtle and the reverse is likely the case.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs