DROPBEAR_DH_GROUP14_SHA1 discussion

Joseph Reynolds jrey at linux.ibm.com
Wed Sep 16 01:57:35 AEST 2020


I got a question about the ciphers supported by the dropbear SSH server 
that was patched here [1].
Specifically, the OpenBMC patch disables DROPBEAR_DH_GROUP14_SHA1. What 
are the consequences of re-enabling it in a downstream project?

My answer:
OpenBMC disabled this because SHA1 algorithms are considered to be 
medium strength and the ability to break these will only increase during 
a typical BMC lifetime of 7 years.  I understand this means an attacker 
with (1) visibility to the encrypted SSH traffic and (2) access to a 
very powerful compute facility may be able to break the encryption in 24 
hours.  If this risk is acceptable, you can re-enable this cipher.

- Joseph

[1]: 
https://github.com/openbmc/openbmc/blob/master/poky/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch 
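As an added example (not from the original post or from OpenBMC or dropbear), the script below parses an SSH_MSG_KEXINIT payload and reports which offered key-exchange methods hash with SHA-1, which is one way to check from the wire whether a BMC still offers diffie-hellman-group14-sha1 (the method behind dropbear's DROPBEAR_DH_GROUP14_SHA1 option) after a downstream build re-enables it. The sample payload is constructed inline for the example; the method names are the standard SSH names from RFC 4253 and RFC 4419.

```python
# Added example: audit the KEX methods in an SSH_MSG_KEXINIT and flag the
# SHA-1 based ones.  Constructed sample input; not captured from a real BMC.
import struct

SSH_MSG_KEXINIT = 20

# Key-exchange methods whose exchange hash is SHA-1 (RFC 4253 / RFC 4419).
SHA1_KEX = {
    "diffie-hellman-group1-sha1",
    "diffie-hellman-group14-sha1",
    "diffie-hellman-group-exchange-sha1",
}

# The ten name-lists of KEXINIT, in wire order (RFC 4253 section 7.1).
FIELDS = ("kex_algorithms", "server_host_key_algorithms",
          "encryption_c2s", "encryption_s2c", "mac_c2s", "mac_s2c",
          "compression_c2s", "compression_s2c", "languages_c2s",
          "languages_s2c")


def _name_list(buf, off):
    """Read one SSH name-list: uint32 length, then comma-separated names."""
    (length,) = struct.unpack_from(">I", buf, off)
    raw = buf[off + 4:off + 4 + length]
    if len(raw) != length:
        raise ValueError("truncated name-list")
    return (raw.decode("ascii").split(",") if raw else []), off + 4 + length


def parse_kexinit(payload):
    """Return the ten name-lists of a KEXINIT payload, keyed by field name."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, out = 1 + 16, {}  # skip the message type byte and the 16-byte cookie
    for name in FIELDS:
        out[name], off = _name_list(payload, off)
    return out


def weak_kex(payload):
    """KEX methods offered in the payload whose exchange hash is SHA-1."""
    return [k for k in parse_kexinit(payload)["kex_algorithms"] if k in SHA1_KEX]


def build_kexinit(kex, hostkey="ssh-ed25519", cipher="aes128-ctr", mac="hmac-sha2-256"):
    """Constructed KEXINIT payload for testing (all-zero cookie, no compression)."""
    nl = lambda s: struct.pack(">I", len(s)) + s.encode("ascii")
    lists = [kex, hostkey, cipher, cipher, mac, mac, "none", "none", "", ""]
    # Trailing bytes: first_kex_packet_follows (FALSE) and the reserved uint32.
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + b"".join(map(nl, lists)) + bytes(5)
```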
