Bugzilla – Attachment 1597 Details for Bug 1550: Move from 3DES to AES-256 for private key encryption
[patch] Patch from Damien Miller to enable AES-256 in ssh-keygen
tmp.msg (text/plain), 2.27 KB, created by Jim Knoble on 2009-01-23 07:03:40 AEDT
>Date: Tue, 20 Jan 2009 18:30:23 +1100 (EST)
>From: Damien Miller <djm@mindrot.org>
>To: Jim Knoble <jmknoble@pobox.com>
>cc: OpenSSH Devel <openssh-unix-dev@mindrot.org>
>Subject: Re: OpenSSH private key encryption: time for AES?
>In-Reply-To: <20090120060635.GA29074@crawfish.ais.com>
>Message-ID: <alpine.BSO.1.10.0901201822540.5492@fuyu.mindrot.org>
>References: <20090120060635.GA29074@crawfish.ais.com>
>
>On Tue, 20 Jan 2009, Jim Knoble wrote:
>
>> Hi, all.
>>
>> So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys
>> should be, i realized that, if i update my 2048-bit keypairs to 4096
>> bits, it really doesn't matter that much, because they're still
>> only encrypted with 3DES, which provides an effective 112 bits of
>> symmetric encryption strength:
>>
>> $ head -4 ~/.ssh/id_rsa
>> -----BEGIN RSA PRIVATE KEY-----
>> Proc-Type: 4,ENCRYPTED
>> DEK-Info: DES-EDE3-CBC,XXXXXXXXXXXXXXXX
>>
>> $
>>
>> According to NIST[1][2], a minimum of 112-bit symmetric / 2048-bit
>> asymmetric keystrength is recommended for protection up until about
>> 2030. For protection beyond 2030, or for the paranoid, larger keysizes
>> are recommended. Other recommendations (e.g., those of ECRYPT) vary in
>> how long 112/2048-bit encryption should last.
>>
>> With that in mind ... how can i encrypt my 4096-bit SSH RSA keypair with
>> something like AES-128, AES-256, or Twofish instead of 3DES and still
>> use it with OpenSSH? Can ssh-add read (unencrypted) key data from stdin?
>
>If you want to change it then you can do something like this. It
>probably wouldn't hurt to change - new installations will still be able
>to read old keys
>
>Index: authfile.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/authfile.c,v >retrieving revision 1.76 >diff -u -p -r1.76 authfile.c >--- authfile.c 3 Aug 2006 03:34:41 -0000 1.76 >+++ authfile.c 20 Jan 2009 07:22:48 -0000 
>@@ -182,7 +182,7 @@ key_save_private_pem(Key *key, const cha > int success = 0; > int len = strlen(_passphrase); > u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; >- const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; >+ const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_256_cbc() : NULL; > > if (len > 0 && len <= 4) { > error("passphrase too short: have %d bytes, need > 4", len); > >
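Review bot: The changed cipher initializer in key_save_private_pem() hard-codes EVP_aes_256_cbc() for every passphrase-protected key, and the accompanying message only covers new installations reading old keys. Please state what happens in the other direction, when a key written by this code is loaded by an installation that predates the change, and record the new default in the commit message and the ssh-keygen documentation. Separately, the unchanged context below the edit still accepts any passphrase longer than 4 bytes (the "len > 0 && len <= 4" check), so the passphrase, not the 256-bit cipher, remains the limiting factor for short passphrases; consider raising that minimum or noting it alongside this change.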