Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/crypto: preferredKexAlgos in golang.org/x/crypto/ssh includes SHA1 #59593

Open
smlx opened this issue Apr 13, 2023 · 1 comment
Open

x/crypto: preferredKexAlgos in golang.org/x/crypto/ssh includes SHA1 #59593

smlx opened this issue Apr 13, 2023 · 1 comment
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Unreleased

Comments

@smlx
Copy link

smlx commented Apr 13, 2023

What version of Go are you using (go version)?

$ go version
go version go1.20.3 linux/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/scott/.cache/go-build"
GOENV="/home/scott/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/scott/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/scott/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.20.3"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="0"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-O2 -g"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-O2 -g"
CGO_FFLAGS="-O2 -g"
CGO_LDFLAGS="-O2 -g"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build1232564776=/tmp/go-build -gno-record-gcc-switches"

What did you do?

Built an SSH server using x/crypto/ssh, and ran ssh -vvv to connect to it.

What did you expect to see?

I expected the server to present KEX algorithms excluding any using SHA1.

What did you see instead?

debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1

The default algorithms used by the ssh server appears to be configured here:
https://github.com/golang/crypto/blob/1faeef9713563c936e077b84e4c3a0f3cac0fbe4/ssh/common.go#L62-L68

Does it make sense to remove kexAlgoDH14SHA1 from the preferred KEX algorithm list? I note that NIST has announced SHA1's retirement, and GitHub discontinued SSH SHA1 support way back in 2018.
@gopherbot gopherbot added this to the Unreleased milestone Apr 13, 2023
@smlx smlx mentioned this issue Apr 13, 2023
Closed
@dr2chase
Copy link
Contributor

@golang/security

@dr2chase dr2chase added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Apr 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
3 participants
@smlx @dr2chase @gopherbot