OpenSSH 8.5 arrives with UpdateHostKeys, fixes and more

After five months of development, OpenSSH 8.5 has been released. Alongside the release, the OpenSSH developers reiterated that algorithms relying on SHA-1 hashes are about to be classed as obsolete, because chosen-prefix collision attacks against SHA-1 have become practical (the cost of finding such a collision is estimated at about 50 thousand dollars).

In one of the next versions, they plan to disable by default the ability to use the public key digital signature algorithm "ssh-rsa", which is mentioned in the original RFC for the SSH protocol and is still widely used in practice.

To smooth the transition to new algorithms, OpenSSH 8.5 enables the UpdateHostKeys option by default, which allows clients to be moved automatically to more robust host key algorithms.

This setting enables the "hostkeys@openssh.com" protocol extension, which allows the server, once authentication has completed, to inform the client of all the host keys it has available. The client can record these keys in its ~/.ssh/known_hosts file, which makes it possible to roll host keys over in an organised way and simplifies changing keys on the server.
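A defender-side check that fits this mechanism, as an added example not taken from the article or from OpenSSH itself: it lists the entries in a known_hosts file that are pinned only by an RSA host key, i.e. hosts for which the client has not yet recorded an ED25519 or ECDSA key. After connecting to such a host with UpdateHostKeys active, the server's other keys are added and the host drops out of this list. The sample file contents, host names and truncated key blobs are constructed for the example.

```shell
#!/bin/sh
# Constructed sample known_hosts (not a real file). Lines may carry an
# "@cert-authority" or "@revoked" marker, and host names may be hashed
# ("|1|salt|hash"); each hashed line is treated as its own entry.
KNOWN_HOSTS_SAMPLE='# constructed sample, not a real known_hosts
legacy.example.test ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDexample...
modern.example.test ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIexample...
modern.example.test ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDexample...
@cert-authority *.corp.example.test ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIexample...
|1|c2FsdA==|aGFzaA== ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDexample...
@revoked old.example.test ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDexample...'

# Read known_hosts on stdin; print (sorted) the host fields whose only
# recorded key type is ssh-rsa. Comments, blank lines and @revoked entries
# are skipped. Note that an RSA host key can still be verified with the
# rsa-sha2-256/512 signature algorithms; this audit only shows where no
# non-RSA key has been learned yet, which is what UpdateHostKeys fixes.
rsa_only_hosts() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }          # blank line or comment
        {
            host = $1; type = $2
            if (host ~ /^@/) {                # marker prefix present
                if (host == "@revoked") next  # revoked keys are irrelevant
                host = $2; type = $3          # @cert-authority: shift fields
            }
            seen[host] = 1
            if (type == "ssh-rsa") rsa[host] = 1
            else other[host] = 1              # any non-RSA key pinned
        }
        END {
            for (h in seen)
                if ((h in rsa) && !(h in other)) print h
        }
    ' | LC_ALL=C sort
}

# Stand-alone run on the constructed sample; for a real audit use:
#   rsa_only_hosts < ~/.ssh/known_hosts
printf '%s\n' "$KNOWN_HOSTS_SAMPLE" | rsa_only_hosts
```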

The release also fixes a double-free vulnerability in ssh-agent, in which an already freed memory region was freed again. The bug has been present since OpenSSH 8.2 and could potentially be exploited by an attacker with access to the ssh-agent socket on the local system. Complicating exploitation, only root and the original user have access to that socket. The most likely attack scenario is agent forwarding to an account controlled by the attacker, or to a host on which the attacker has root access.

In addition, sshd now guards against passing very large usernames to the PAM (Pluggable Authentication Modules) subsystem, which helps block vulnerabilities in PAM modules. For example, the change prevents sshd from being used as a vector to exploit a recently identified root vulnerability in Solaris (CVE-2020-14871).

Among the changes that may break compatibility, ssh and sshd have reworked the experimental key exchange method that is designed to resist brute-force attacks by a quantum computer.

The method combines the NTRU Prime algorithm, developed for post-quantum cryptosystems, with the X25519 elliptic curve key exchange. Instead of sntrup4591761x25519-sha512@tinyssh.org, the method is now identified as sntrup761x25519-sha512@openssh.com (the sntrup4591761 algorithm has been replaced by sntrup761).

Of the other changes that stand out:

  • In ssh and sshd, the order in which supported digital signature algorithms are advertised has changed. ED25519 now comes first instead of ECDSA.
  • In ssh and sshd, TOS/DSCP QoS settings for interactive sessions are now applied before the TCP connection is established.
  • ssh and sshd have dropped support for the rijndael-cbc@lysator.liu.se cipher, which is identical to aes256-cbc and was used before RFC 4253.
  • When accepting a new host key, ssh now ensures that all host names and IP addresses associated with the key are displayed.
  • For FIDO keys, ssh now re-prompts for the PIN when a signature operation fails because of an incorrect PIN and no PIN was requested from the user (for example, when correct biometric data could not be obtained and the device fell back to manual PIN entry).
  • sshd adds support for additional system calls in the seccomp-bpf-based sandboxing mechanism on Linux.

How to install OpenSSH 8.5 on Linux?

Those who want to install this new version of OpenSSH on their systems can, for now, do so by downloading the source code and compiling it on their machines.

This is because the new version has not yet been included in the repositories of the main Linux distributions. The source code can be obtained from the following link.

Once the download is complete, unpack the archive with the following command:

tar -xvf openssh-8.5.tar.gz

We enter the created directory:

cd openssh-8.5

And we can compile and install with the following commands:

./configure --prefix=/opt --sysconfdir=/etc/ssh
make
make install
