coreos-base/misc-files: Drop Ciphers, MACs, KexAlgorithms from sshd conf #3614
tormath1
left a comment
Thanks, it looks good to me to rely on upstream here for security reasons. I let you decide if we should backport this or not but since this affects SSH, I'd be in favor of backporting this to Alpha / Beta only, just to identify any regression preventing remote connection.
krnowak
left a comment
I think it's fine, but it will need a mention in release notes.
The corresponding file ends up in For users running into issues, an openssh config drop in (e.g. via Ignition) to
t-lo
left a comment
LGTM - suggested a changelog improvement. Thank you!
Setting an absolute list was preventing newer options from being
enabled, leading to this scary error message from newer clients.
$ ssh flatcar
Warning: Permanently added '[127.0.0.1]:2222' (ED25519) to the list of known hosts.
** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html
Last login: Wed Oct 15 10:05:46 UTC 2025 from 10.0.2.2 on pts/0
Flatcar Container Linux by Kinvolk beta 4426.1.0 for QEMU
After going through each of the options, the only ones we were adding
above the current 10.2p1 defaults were the diffie-hellman-group KEX
algorithms. These were dropped upstream in 2024 because they are slower
while providing no benefit over other options. The continued presence of
ecdh-sha2-nistp256 ensures compatibility with default clients at least
as far back as 2016.
I think we should just continue to follow the upstream defaults unless
some significant client breakage is reported. They're usually quite
forgiving.
The order of these is significant, and our order did differ from
upstream's slightly, but I trust their order over ours.
Signed-off-by: James Le Cuirot <[email protected]>
a74a2e6 to
fdab8b4
Backported to 4547 and 4515.
Drop Ciphers, MACs, KexAlgorithms from sshd config
Setting an absolute list was preventing newer options from being enabled, leading to this scary error message from newer clients.
After going through each of the options, the only ones we were adding above the current 10.2p1 defaults were the diffie-hellman-group KEX algorithms. These were dropped upstream in 2024 because they are slower while providing no benefit over other options. The continued presence of ecdh-sha2-nistp256 ensures compatibility with default clients at least as far back as 2016.
I think we should just continue to follow the upstream defaults unless some significant client breakage is reported. They're usually quite forgiving.
The order of these is significant, and our order did differ from upstream's slightly, but I trust their order over ours.
How to use
Just log in with SSH.
Testing done
Jenkins basically passed. open-iscsi seems to be failing on Azure regardless. I have also tested it manually.
changelog/ directory (user-facing change, bug fix, security fix, update)
/boot and /usr size, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.
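The comparison the PR description refers to (a pinned list checked against the server defaults) can be scripted. This is an added example, not code from the Flatcar repository: `SAMPLE_DEFAULTS` and `PINNED` are constructed inputs, not the real 10.2p1 defaults or Flatcar's former config, and wildcards are handled only for the `-` form.

```python
from fnmatch import fnmatchcase

# Constructed stand-in for a server's default KEX list (not read from a real sshd).
SAMPLE_DEFAULTS = ["mlkem768x25519-sha256", "sntrup761x25519-sha512",
                   "curve25519-sha256", "ecdh-sha2-nistp256"]
# Constructed sshd_config fragment that pins an absolute list.
PINNED = """\
# constructed example
KexAlgorithms curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256
"""

def effective_list(config_text, keyword, defaults):
    """Resolve `keyword` as sshd_config(5) documents: the first occurrence wins;
    a bare list replaces the defaults, '+' appends to them, '-' removes from
    them (wildcards allowed) and '^' places the names at the head."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0].lower() != keyword.lower():
            continue
        value = parts[1].strip()
        prefix = value[0] if value[0] in "+-^" else ""
        names = [n.strip() for n in value[len(prefix):].split(",") if n.strip()]
        if prefix == "+":
            return defaults + [n for n in names if n not in defaults]
        if prefix == "-":
            return [d for d in defaults if not any(fnmatchcase(d, p) for p in names)]
        if prefix == "^":
            return names + [d for d in defaults if d not in names]
        return names                          # absolute list: defaults are ignored
    return list(defaults)                     # keyword absent: defaults apply

def audit(config_text, keyword, defaults):
    """Report what a config disables from, and adds on top of, the defaults."""
    eff = effective_list(config_text, keyword, defaults)
    return {
        "effective": eff,
        "defaults_disabled": [d for d in defaults if d not in eff],
        "added_beyond_defaults": [e for e in eff if e not in defaults],
    }

if __name__ == "__main__":
    for key, val in audit(PINNED, "KexAlgorithms", SAMPLE_DEFAULTS).items():
        print(f"{key}: {', '.join(val) or '(none)'}")
```

On a real host, feed it the defaults reported by an unconfigured `sshd -T` instead of the constructed list.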