bsdlabs / ssh-hardening

FreeBSD SSH Hardening
https://github.com/jtesta/ssh-audit/wiki/FreeBSD
BSD 2-Clause "Simplified" License

Do not modify moduli file #10

Closed jlduran closed 2 years ago

jlduran commented 2 years ago

It is not necessary to modify the moduli file.

koobs commented 2 years ago

Why?

IIRC, the default moduli file installed with FreeBSD has moduli entries <= 3071

jlduran commented 2 years ago

The moduli file is just a bunch of prime numbers; removing <= 3071-bit primes wouldn't help much. They (sshaudit.com) are calling it a bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2793.

I don't mind leaving it as is, if it creates a false sense of extra security. The OpenBSD guide even re-generates the file.

I have no objections to what is being done at the moment, just thought it was appropriate to point out it is not very useful.

koobs commented 2 years ago

> The moduli file is just a bunch of prime numbers; removing <= 3071-bit primes wouldn't help much. They (sshaudit.com) are calling it a bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2793.

I believe/understand that removing <= 3071 size moduli (keeping those >= 3071) is distinct from the issue of OpenSSH falling back to or using smaller moduli in certain circumstances? Can OpenSSH fall back to smaller moduli if they don't exist in the moduli file? Isn't this the reason for modifying the moduli file in the first place?

> I don't mind leaving it as is, if it creates a false sense of extra security. The OpenBSD guide even re-generates the file.

Again, the goal here is to match the official guides, so we can upstream a/this FreeBSD guide. If the current official guides do it, we should do it (at least for now).

What's the call on this change given the above?

jlduran commented 2 years ago

> The moduli file is just a bunch of prime numbers; removing <= 3071-bit primes wouldn't help much. They (sshaudit.com) are calling it a bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2793.

> I believe/understand that removing <= 3071 size moduli (keeping those >= 3071) is distinct from the issue of OpenSSH falling back to or using smaller moduli in certain circumstances? Can OpenSSH fall back to smaller moduli if they don't exist in the moduli file? Isn't this the reason for modifying the moduli file in the first place?

Yes, OpenSSH falls back to smaller moduli:

https://github.com/openssh/openssh-portable/blob/2dc328023f60212cd29504fc05d849133ae47355/dh.c#L470-L484

Essentially making the snip/modification useless.

> I don't mind leaving it as is, if it creates a false sense of extra security. The OpenBSD guide even re-generates the file.

> Again, the goal here is to match the official guides, so we can upstream a/this FreeBSD guide. If the current official guides do it, we should do it (at least for now).

> What's the call on this change given the above?

I don't mind leaving it if others are doing it. If you, as a user seeing the other guides, would perceive FreeBSD's as less secure for not doing it, it doesn't harm to do it anyway. Plus, if that bug report is ever merged (I doubt it), then this will become a required procedure.

koobs commented 2 years ago

Let's keep with upstream and the official guides, which I believe have this line to modify the file.

jlduran commented 2 years ago

Not removing this step, as it is in line with other guides.

jlduran commented 2 years ago

For my future reference:

Upstream guides are based on this document. The author recommended removing DH moduli with a length of less than 2000 bits, at the time a valid recommendation, since only after OpenSSH 7.2 was the minimum modulus size supported for diffie-hellman-group-exchange increased to 2048 bits.
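The step the thread debates is a filter on the Size field of /etc/ssh/moduli, and the point made against it is that sshd can fall back to a built-in group when the file has no entry of the size it wants (the dh.c lines linked above). The script below is an added example written for this page, not code from the bsdlabs/ssh-hardening repository or from the upstream guides. It assumes the moduli(5) layout of seven whitespace-separated fields (Time Type Tests Tries Size Generator Modulus) and that Size is recorded as one less than the bit length, which is why a 3072-bit group appears as 3071 and why the guides key on `$5 >= 3071`. It shows what an audit of the file looks like before and after the filter; it does not claim to change what sshd negotiates, only what the file contains.

```shell
#!/bin/sh
# Added example (not from the ssh-hardening repo): inspect and filter an
# OpenSSH moduli file by the Size field that the hardening guides key on.
#
# Assumed layout of /etc/ssh/moduli, per moduli(5):
#   Time Type Tests Tries Size Generator Modulus
# Size is the bit length of the modulus minus one, so a 3072-bit group is
# recorded as 3071; the guides keep entries with $5 >= 3071 for that reason.

# Constructed sample file: five entries, one per common size. The Modulus
# field holds short placeholder hex strings, NOT real primes, so this data
# only exercises the filter and must never be installed as a moduli file.
SAMPLE_MODULI='# Time Type Tests Tries Size Generator Modulus
20220101000000 2 6 100 2047 2 DEADBEEF00000000000000000001
20220101000000 2 6 100 3071 2 DEADBEEF00000000000000000003
20220101000000 2 6 100 4095 2 DEADBEEF00000000000000000005
20220101000000 2 6 100 6143 5 DEADBEEF00000000000000000007
20220101000000 2 6 100 8191 2 DEADBEEF00000000000000000009'

# keep_strong_moduli MIN_SIZE: read a moduli file on stdin and print only
# entries whose Size field is at least MIN_SIZE; comment lines pass through.
keep_strong_moduli() {
    awk -v min="$1" '/^#/ { print; next } NF >= 7 && $5 >= min { print }'
}

# count_entries MIN_SIZE: number of non-comment entries with Size >= MIN_SIZE.
count_entries() {
    awk -v min="$1" '!/^#/ && NF >= 7 && $5 >= min { n++ } END { print n + 0 }'
}

# count_below MIN_SIZE: number of entries the filter would discard.
count_below() {
    awk -v min="$1" '!/^#/ && NF >= 7 && $5 < min { n++ } END { print n + 0 }'
}

# size_histogram: one "Size count" line per distinct size, smallest first.
# Run this on the real file first to see what the installed moduli contain.
size_histogram() {
    awk '!/^#/ && NF >= 7 { c[$5]++ } END { for (s in c) print s, c[s] }' | sort -n
}

# Demonstration on the constructed data. On a real system the equivalent is
#   keep_strong_moduli 3071 < /etc/ssh/moduli > /etc/ssh/moduli.safe
# followed by a review of moduli.safe before it replaces the original.
printf '%s\n' "$SAMPLE_MODULI" | size_histogram
printf 'entries removed at Size >= 3071: %s\n' \
    "$(printf '%s\n' "$SAMPLE_MODULI" | count_below 3071)"
printf '%s\n' "$SAMPLE_MODULI" | keep_strong_moduli 3071
```

`size_histogram` is the part worth running before any edit: if the installed file already has no entries below the threshold, as the thread suggests for FreeBSD's default, the filter is a no-op and the audit shows that directly.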