conf/149343: sshd silently switches to RSA in 8.x and 9.x [patch for mergemaster]

Thu Aug 5 20:00:21 UTC 2010

>Number:         149343
>Category:       conf
>Synopsis:       sshd silently switches to RSA in 8.x and 9.x [patch for mergemaster]
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 05 20:00:20 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Mikhail T.
>Release:        FreeBSD 8.1-PRERELEASE amd64
>Organization:
Virtual Estates, Inc. http://sybpipe.com/
>Environment:
FreeBSD aldan.narawntapu 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Mon Jul 5 00:51:57 EDT 2010 root at aldan.narawntapu:/meow/obj/var/src/sys/SILVER-SMP amd64
>Description:
Unlike in earlier versions, in 8.x (and 9.x) sshd uses RSA hostkeys instead of DSA by default. Buffling as it may be to regular users, according to des: "It had to happen. There is nothing to resolve. Move along."

Unsatisfying words, for when an existing installation is upgraded, this point is very easy to miss, because the UPDATING-entry on the subject is 2 years old. Unfortunately, this may be troublesome to those, who use automated ssh-based
jobs, as those jobs would now hang.  Interactive ssh-connections would prompt the user to accept the new (RSA-based) host-keys, as just happened on freefall, for example.

For the old behavior (using DSA) to continue, the DSA HostKey must now be specified explicitly. This is something, mergemaster can do -- in some cases...

>How-To-Repeat:
Upgrade from 7.x to 8.x. Try to ssh into the upgraded system. Witness the warning about new host key (along with warning, that the key of a different type is already known for that host).

>Fix:
This patch is the best I can come up with my limited knowledge of mergemaster. It does not catch all cases -- such as when the only differences are in RCS-tags and the -F is used...


Patch attached with submission follows:

Index: mergemaster.sh
===================================================================
RCS file: /home/ncvs/src/usr.sbin/mergemaster/mergemaster.sh,v
retrieving revision 1.72.2.6
diff -U 2 -r1.72.2.6 mergemaster.sh

--- mergemaster.sh	20 May 2010 22:12:36 -0000	1.72.2.6
+++ mergemaster.sh	5 Aug 2010 18:22:18 -0000
@@ -860,4 +860,53 @@
       DONT_INSTALL=yes
       ;;
+    /etc/ssh/sshd_config)
+	# If some HostKey is already explicitly set, we don't worry
+	if grep ^HostKey "$COMPFILE"
+	then
+		do_install_and_rm "${FILE_MODE}" "${1}" "${DESTDIR}${INSTALL_DIR}"
+		return
+	fi
+	fmt << EOWARNING
+***	Note, when upgrading to 8.x. For many years FreeBSD's sshd
+	installations used DSA-keys by default. The 8.x branch reverts
+	to the vendor's behavior of using RSA by default. This may
+	cause connecting clients to stall with the "new host key"
+	warnings. To continue to use DSA, ${1#.} has to explictly
+	set HostKey to point to your DSA-key file.
+
+EOWARNING
+	if [ `egrep -c '^#HostKey\s*.*_dsa_key$' $COMPFILE` != 1 ]
+	then
+		fmt << EOWARNING
+	Unfortunately, the $COMPFILE is more complex then what can be
+	automatically fixed by this script.
+
+EOWARNING
+		do_install_and_rm "${FILE_MODE}" "${1}" "${DESTDIR}${INSTALL_DIR}"
+		return
+	fi
+	cat << EOMENU
+	Use 'f' to try to automatically fix ${1#.} before installing
+	Use 'i' to just install it as is.
+        Default is to leave the temporary file to deal with by hand
+
+EOMENU
+	read -p "  How should I handle ${COMPFILE}? [Leave it to install later] " \
+		HANDLE_HOST_KEY
+
+        case "$HANDLE_HOST_KEY" in
+	[fF]*)
+		sed -i"" -e 's|#\(HostKey\s*.*_dsa_key.*\)|\1|' $COMPFILE
+		;;
+	[iI]*)
+		;;
+	default)
+		echo "   *** ${COMPFILE} will remain for your consideration"
+		return
+		;;
+	esac
+	do_install_and_rm "${FILE_MODE}" "${1}" "${DESTDIR}${INSTALL_DIR}"
+	return
+	;;
     /.cshrc | /.profile)
       local st_nlink


>Release-Note:
>Audit-Trail:
>Unformatted:
