DROPBEAR_DH_GROUP14_SHA1 discussion
Joseph Reynolds
jrey at linux.ibm.com
Wed Sep 16 01:57:35 AEST 2020
I got a question about the ciphers supported by the dropbear SSH server
that was patched here [1].
Specifically, the OpenBMC patch disables DROPBEAR_DH_GROUP14_SHA1. What
are the consequences of re-enabling it in a downstream project?
My answer:
OpenBMC disabled this because SHA1 algorithms are considered to be
medium strength and the ability to break these will only increase during
a typical BMC lifetime of 7 years. I understand this means an attacker
with (1) visibility to the encrypted SSH traffic and (2) access to a
very powerful compute facility may be able to break the encryption in 24
hours. If this risk is acceptable, you can re-enable this cipher.
- Joseph
[1]: https://github.com/openbmc/openbmc/blob/master/poky/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch
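Added example (not part of the post or of OpenBMC's code): a small check that parses a server's SSH_MSG_KEXINIT and reports whether it still advertises diffie-hellman-group14-sha1, the on-the-wire name behind dropbear's DROPBEAR_DH_GROUP14_SHA1 option. The sample KEXINIT payloads and the function names are constructed for this example.

```python
import struct

# KEX method name (RFC 4253) that dropbear enables when
# DROPBEAR_DH_GROUP14_SHA1 is set to 1.
WEAK_KEX = "diffie-hellman-group14-sha1"
SSH_MSG_KEXINIT = 20


def parse_kexinit(payload):
    """Parse an SSH_MSG_KEXINIT payload (RFC 4253 section 7.1) into its name-lists."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT message")
    pos = 1 + 16  # skip the message id and the 16-byte cookie
    fields = ["kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]
    out = {}
    for name in fields:
        (length,) = struct.unpack(">I", payload[pos:pos + 4])
        pos += 4
        raw = payload[pos:pos + length].decode("ascii")
        pos += length
        out[name] = raw.split(",") if raw else []
    return out


def offers_weak_kex(payload):
    """True if the server's KEXINIT still advertises group14-sha1."""
    return WEAK_KEX in parse_kexinit(payload)["kex"]


def build_kexinit(kex):
    """Constructed sample KEXINIT (not a real capture) carrying the given kex list."""
    def namelist(items):
        data = ",".join(items).encode("ascii")
        return struct.pack(">I", len(data)) + data
    body = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16 + namelist(kex)
    body += namelist(["ssh-rsa"])            # host key algorithms
    body += namelist(["aes128-ctr"]) * 2     # encryption c2s / s2c
    body += namelist(["hmac-sha2-256"]) * 2  # MAC c2s / s2c
    body += namelist(["none"]) * 2           # compression c2s / s2c
    body += namelist([]) * 2                 # languages c2s / s2c
    return body + b"\x00" + b"\x00\x00\x00\x00"  # first_kex_packet_follows, reserved


# Constructed samples: a build with the option re-enabled vs. OpenBMC's patched build
DEFAULT_KEX = ["curve25519-sha256", "diffie-hellman-group14-sha256", WEAK_KEX]
PATCHED_KEX = ["curve25519-sha256", "diffie-hellman-group14-sha256"]

if __name__ == "__main__":
    for label, kex in (("re-enabled", DEFAULT_KEX), ("patched", PATCHED_KEX)):
        print(label, "offers", WEAK_KEX + ":", offers_weak_kex(build_kexinit(kex)))
```

To check a real BMC, feed offers_weak_kex() the payload of the first binary packet dropbear sends after the version-string exchange.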