Has KeyRegenerationInterval any effect in SSH2?

I am setting up a new Linux server and I am editing sshd_config. I will use protocol version 2 (which is the default anyway):

Protocol 2

But in the default config file I also find these two lines:

KeyRegenerationInterval 3600
ServerKeyBits 768

Manpage sshd_config(5) says about KeyRegenerationInterval:

In protocol version 1, the ephemeral server key is automatically regenerated after this many seconds (if it has been used). The purpose of regeneration is to prevent decrypting captured sessions by later breaking into the machine and stealing the keys. The key is never stored anywhere. If the value is 0, the key is never regenerated. The default is 3600 (seconds).

So I know what this parameter does in SSH1. But I don't use SSH1. I use the default version SSH2, but the manpage gives no information about the effect of KeyRegenerationInterval in protocol version 2. Has KeyRegenerationInterval any effect in protocol version 2? And what about ServerKeyBits?

What will happen if I leave these settings in the config file when I set Protocol 2? What will happen when I delete those two lines?

I guess that those two parameters are ignored if protocol version is set to 2. But this is just guessed. From what I read until now I can't know for sure. Do you KNOW (not guess) what effect KeyRegenerationInterval and ServerKeyBits have in SSH2?

Hubert Schölnast asked Aug 12 '14 05:08


3 Answers

TL;DR: No, these options have no effect in SSH-2 (and SSH-1 support is removed since 2016).

When unsure, source code is the best documentation.

If we search for ServerKeyBits and KeyRegenerationInterval in the entire OpenSSH source code, we find only this in servconf.c:

        { "serverkeybits", sDeprecated, SSHCFG_GLOBAL },
        . . .
        { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL },
        . . .

    case sDeprecated:
    case sIgnore:
    case sUnsupported:
        do_log2(opcode == sIgnore ?
            SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO,
            "%s line %d: %s option %s", filename, linenum,
            opcode == sUnsupported ? "Unsupported" : "Deprecated", arg);
        while (arg)
            arg = strdelim(&cp);
        break;

In other words, both options simply print a deprecation warning and have further no effect.

Then using the blame feature we find that the options were removed in the commit c38ea6348 of Aug 23, 2016 (OpenSSH 7.4p1):

Remove more SSH1 server code:
* Drop sshd's -k option.
* Retire configuration keywords that only apply to protocol 1, as well as the "protocol" keyword.
* Remove some related vestiges of protocol 1 support.

Before that they were used only for SSH-1. E.g. KeyRegenerationInterval:

    { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
    . . .

    case sKeyRegenerationTime:
        intptr = &options->key_regeneration_time;
        goto parse_time;

Used in sshd.c/L1442:

            if ((options.protocol & SSH_PROTO_1) &&
                key_used == 0) {
                /* Schedule server key regeneration alarm. */
                signal(SIGALRM, key_regeneration_alarm);
                alarm(options.key_regeneration_time);
                key_used = 1;
            }

Note: for SSH-2 there's a more powerful RekeyLimit.

rustyx answered Oct 19 '22 17:10


I'm sure that you already know this. I just didn't want to leave the question unanswered. These options (KeyRegenerationInterval & ServerKeyBits) affect the server key that is generated for SSH protocol 1. You should not have to worry about this if you demand that your connections adhere to protocol 2.

Eamonn Travers answered Oct 19 '22 18:10


For protocol 2, there's this:

RekeyLimit

Specifies the maximum amount of data that may be transmitted
before the session key is renegotiated, optionally followed by a
maximum amount of time that may pass before the session key is
renegotiated. The first argument is specified in bytes and
may have a suffix of 'K', 'M', or 'G' to indicate Kilobytes,
Megabytes, or Gigabytes, respectively.
The default is between '1G' and '4G', depending on the cipher.
The optional second value is specified in seconds and may use
any of the units documented in the TIME FORMATS section.
The default value for RekeyLimit is default none, which
means that rekeying is performed after the cipher's default
amount of data has been sent or received and no time based
rekeying is done.

Source:

https://www.freebsd.org/cgi/man.cgi?sshd_config(5)
jmullee answered Oct 19 '22 16:10
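The two points made in the answers above (sshd only logs a "Deprecated option" line for KeyRegenerationInterval and ServerKeyBits, and RekeyLimit is the SSH-2 mechanism to reach for instead) can be turned into a small config check. The following is an added example written for this page, not OpenSSH code and not anything the answerers posted: it mimics the keyword table quoted from servconf.c for the two deprecated options, parses RekeyLimit arguments the way the quoted sshd_config(5) text describes them (K/M/G size suffix, optional TIME FORMATS duration), and reports lines a server operator would want to clean up. Classifying the retired Protocol keyword as "ignored", the partial keyword table, and the sample config are assumptions made for the example.

```python
import re

# Status of the keywords discussed in this thread, modelled on the servconf.c
# table quoted in the first answer. Treating "protocol" as ignored (rather than
# deprecated) is an assumption for this example; the quoted commit message only
# says the keyword was retired.
KEYWORD_STATUS = {
    "keyregenerationinterval": "deprecated",
    "serverkeybits": "deprecated",
    "protocol": "ignored",
    "rekeylimit": "rekeylimit",
}

SIZE_MULT = {"": 1, "K": 1024, "M": 1024 ** 2, "G": 1024 ** 3}
# sshd_config(5) TIME FORMATS: a bare number is seconds; s/m/h/d/w units may be chained.
TIME_MULT = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_size(token):
    """RekeyLimit first argument: bytes with optional K/M/G suffix, or 'default' (-> None)."""
    if token.lower() == "default":
        return None
    m = re.fullmatch(r"(\d+)([KkMmGg]?)", token)
    if not m:
        raise ValueError(f"bad size {token!r}")
    return int(m.group(1)) * SIZE_MULT[m.group(2).upper()]


def parse_time(token):
    """RekeyLimit second argument in TIME FORMATS ('1h30m', '600'), or 'none' (-> None)."""
    if token.lower() == "none":
        return None
    parts = re.findall(r"(\d+)([smhdwSMHDW]?)", token)
    # Every character must have been consumed by a <number><unit> pair.
    if not parts or "".join(n + u for n, u in parts) != token:
        raise ValueError(f"bad time {token!r}")
    return sum(int(n) * TIME_MULT[u.lower()] for n, u in parts)


def parse_rekey_limit(args):
    """RekeyLimit <size> [time] -> (max bytes or None, max seconds or None)."""
    if not 1 <= len(args) <= 2:
        raise ValueError("takes one or two arguments")
    size = parse_size(args[0])
    seconds = parse_time(args[1]) if len(args) == 2 else None
    return size, seconds


def lint_sshd_config(text):
    """Return (line number, message) findings; line 0 marks a file-level finding."""
    findings = []
    rekey_seen = False
    for lineno, raw in enumerate(text.splitlines(), 1):
        # sshd's strdelim() treats whitespace and '=' as separators; '#' starts a comment.
        fields = raw.split("#", 1)[0].replace("=", " ").split()
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        status = KEYWORD_STATUS.get(keyword.lower())
        if status == "deprecated":
            findings.append((lineno, f"Deprecated option {keyword}: SSH-1 only, no effect; remove it"))
        elif status == "ignored":
            findings.append((lineno, f"Ignored option {keyword}: retired with SSH-1 support; remove it"))
        elif status == "rekeylimit":
            rekey_seen = True
            try:
                _size, seconds = parse_rekey_limit(args)
            except ValueError as exc:
                findings.append((lineno, f"RekeyLimit: {exc}"))
            else:
                if seconds is None:
                    findings.append((lineno, "RekeyLimit: no time limit given, only data-based rekeying applies"))
    if not rekey_seen:
        findings.append((0, "RekeyLimit not set: cipher default data limit, no time-based rekeying"))
    return findings


# Constructed sample config for the example, not taken from any real server.
SAMPLE_CONFIG = """\
# constructed sample sshd_config
Port 22
Protocol 2
KeyRegenerationInterval 3600
ServerKeyBits 768
RekeyLimit 1G 1h
PermitRootLogin no
"""

if __name__ == "__main__":
    for lineno, msg in lint_sshd_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {msg}")
```

Run against the sample, the check flags lines 3, 4 and 5 (Protocol, KeyRegenerationInterval, ServerKeyBits) and is silent about the RekeyLimit line because both a data and a time limit are set; a config that only sets a size, or none at all, gets a note that no time-based rekeying will happen. The sshd behaviour the checker imitates is purely a log message for the deprecated keywords, so leaving them in place does no harm beyond the noise; removing them and setting RekeyLimit is the change that actually affects the SSH-2 session.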