Re: [Tails-dev] Review our list of SSH ciphers and MACs

Delete this message

Reply to this message
Autore: Daniel Kahn Gillmor
Data:  
To: intrigeri, The Tails public development discussion list
Oggetto: Re: [Tails-dev] Review our list of SSH ciphers and MACs
On Sun 2016-03-13 08:52:03 -0400, intrigeri wrote:
> I hereby propose that we:
>
> 1. acknowledge we have not been able, so far, to properly maintain
>    custom Ciphers and MACs settings for the OpenSSH client;

>
> 2. acknowledge that our failure at #1 has been causing both usability
>    and security issues;

>
> 3. acknowledge that the OpenSSH upstream project, and the maintainers
>    of the corresponding package in Debian, are doing a pretty decent
>    job at deprecating dangerous crypto, at enabling newer and stronger
>    options, and at communicating about it (see e.g.
>    https://sources.debian.net/src/openssh/1:7.2p2-1/debian/NEWS/#L1);

>
> 4. as a result, drop our custom Ciphers and MACs settings from
>    config/chroot_local-includes/etc/ssh/ssh_config, and instead rely
>    on the defaults offered by the openssh-client Debian package;

>
> 5. in the future, welcome any well-conducted attempt at reintroducing
>    such customization (e.g. for the sake of fine-tuning the place
>    where we put the inter-operability / security cursor), provided
>    there is substantial change that makes us trust that such custom
>    settings will be maintained.


I think this plan sounds eminently reasonable. hard-coding a static
list of ciphers without maintaining them is pretty much guaranteed to
cause trouble, and pushing those sort of changes upstream far enough to
where they will actually be maintained benefits everyone.

thanks for proposing it, intrigeri.

       --dkg