Contributed by tj on from the i-have-a-fviend-in-Vome dept.
An early heads up came from Theo de Raadt in this mailing list posting.
Until you are able to patch affected systems, the recommended workaround is to use
# echo -e 'Host *\nUseRoaming no' >> /etc/ssh/ssh_config
That is, add the option UseRoaming no to your /etc/ssh/ssh_config (or your user's ~/.ssh/config) file, or start your ssh client with -oUseRoaming=no included on the commandline.
We will be updating this article with more information as it becomes available.
UPDATE: This affects OpenSSH versions 5.4 through 7.1.
UPDATE: The following commit from deraadt@ has just gone in:
CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2016/01/14 07:34:34

Modified files:
	usr.bin/ssh    : readconf.c ssh.c

Log message:
Disable experimental client-side roaming support. Server side was
disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys
UPDATE: Errata patches for 5.8 and 5.7 have been published.
UPDATE: Portable OpenSSH 7.1p2 has been released:
* SECURITY: ssh(1): The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH connections (roaming). The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys. The authentication of the server host key prevents exploitation by a man-in-the-middle, so this information leak is restricted to connections to malicious or compromised servers. MITIGATION: For OpenSSH >= 5.4 the vulnerable code in the client can be completely disabled by adding 'UseRoaming no' to the global ssh_config(5) file, or to user configuration in ~/.ssh/config, or by passing -oUseRoaming=no on the command line.
UPDATE: Fixed versions are available for OpenBSD snapshots dated 2016-01-12 and later. M:Tier has binpatches for OpenBSD 5.7-stable and 5.8-stable. Debian, Ubuntu, RHEL, and many other Linux distros have it now or will soon.
UPDATE: The roaming code has been stripped out of OpenBSD -current:
CVSROOT:	/cvs
Module name:	src
Changes by:	markus@cvs.openbsd.org	2016/01/14 09:17:40

Modified files:
	usr.bin/ssh    : clientloop.c kex.c kex.h monitor.c monitor_wrap.c
	                 opacket.c opacket.h packet.c packet.h readconf.c
	                 readconf.h serverloop.c ssh.c ssh2.h sshconnect.c
	                 sshconnect2.c sshd.c
	usr.bin/ssh/lib: Makefile
	usr.bin/ssh/ssh: Makefile
	usr.bin/ssh/ssh-keyscan: Makefile
	usr.bin/ssh/ssh-keysign: Makefile
	usr.bin/ssh/sshd: Makefile
Removed files:
	usr.bin/ssh    : roaming.h roaming_client.c roaming_common.c
	                 roaming_dummy.c roaming_serv.c

Log message:
remove roaming support; ok djm@
UPDATE: The FreeBSD port has been updated, and a security advisory was issued for the version in their base system the following day.
UPDATE: Qualys Security has posted their full report on the issues.
UPDATE: While the information leak is much more difficult to exploit on systems with ASLR, like OpenBSD, some users may want to consider rotating their key pairs. If you use ssh-agent(1), however, the man page offers some good news:
The agent will never send a private key over its request channel. Instead, operations that require a private key will be performed by the agent, and the result will be returned to the requester. This way, private keys are not exposed to clients using the agent.
UPDATE: For Mac OS X, the version of OpenSSH in MacPorts has been updated. Since Apple typically delays security fixes, you're advised to apply the workaround if using the bundled OpenSSH instead.
By Noryungi (noryungi) noryungi@yahoo.com on
Thanks for the heads up.
By phessler (phessler) on http://www.openbsdfoundation.org/donations.html
>
> Thanks for the heads up.
thanks, fixed
By XANi (193.200.227.222) on
By Anonymous Coward (91.159.26.66) on
Please read the updates, it's mentioned in the commit log.
By XANi (83.28.135.65) on
>
> Please read the updates, it's mentioned in the commit log.
No, I've read *why* the code is there (fair enough, happens to everybody). It was never (AFAIK) outside of the "experimental" phase, so why was it ever enabled by default?
By Dan Langille (198.148.79.136) dan@langille.org on
By Anonymous Coward (72.48.251.46) on
huh? the notes specifically say otherwise
By Anonymous Coward (71.185.48.174) on
>
> huh? the notes specifically say otherwise
I suspect my sources read the code and read it wrong... I withdraw my claim.
By Dan Langille (198.148.79.136) dan@langille.org on
> >
> > huh? the notes specifically say otherwise
>
> I suspect my sources read the code and read it wrong... I withdraw my claim.
See previous reply below.
By Anonymous Coward (40.141.219.4) on
What version of SSH has 'UseRoaming no' as the default? Looks like it's enabled on OpenSSH 6.0p1 (used by CentOS 6.5) and OpenSSH 6.9p1 (Ubuntu 15.10).
user@host1$ ssh -vvv <host2> -oUseRoaming=no true 2>&1 | grep Roaming
(no output)
user@host1$ ssh -vvv <host2> -oUseRoaming=yes true 2>&1 | grep Roaming
debug1: Roaming not allowed by server
user@host1$ ssh -vvv <host2> true 2>&1 | grep Roaming
debug1: Roaming not allowed by server
By sthen (82.68.199.130) on
Which sources? Check the diff.
By Anonymous Coward (198.148.79.136) on
>
> Which sources? Check the diff.
Am I reading it incorrectly?
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/readconf.c.diff?r1=1.232&r2=1.232.2.1&sortby=date&f=h
By Bryce C (2001:470:b:4b:192:168:77:208) on
> >
> > Which sources? Check the diff.
>
> Am I reading it incorrectly?
>
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/readconf.c.diff?r1=1.232&r2=1.232.2.1&sortby=date&f=h
If UseRoaming is undefined (default value of -1 is still in place once the configuration has been read in), then it defaults to being enabled (1).
The commit (linked diff) hard-codes that to being disabled (0), impossible to enable.
By Anonymous Coward (87.142.8.108) on
> workaround is to use
> # echo 'UseRoaming no' >> /etc/ssh/ssh_config
If for some reason your ssh_config ends with a different
Host pattern this might not apply to all targets. No?
By phessler (phessler) on http://www.openbsdfoundation.org/donations.html
> > workaround is to use
> > # echo 'UseRoaming no' >> /etc/ssh/ssh_config
>
> If for some reason your ssh_config ends with a different
> Host pattern this might not apply to all targets. No?
>
>
True, we just updated the recommendation in the story.
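The workaround in the story (UseRoaming no under Host *) and the Host-pattern caveat raised in the comments above, as an added example that is not part of the original page or of OpenSSH. It assumes a POSIX sh with awk and sed; the version range and the first-obtained-value rule of ssh_config are the ones stated on this page and in ssh_config(5).

```shell
#!/bin/sh
# Added example, not from the article or OpenSSH: openssh_affected tests an
# "ssh -V" banner against the 5.4..7.1 range given above (7.1p2 is fixed), and
# useroaming_verdict parses an ssh_config file to say whether "UseRoaming no" is in
# effect for every host (first value wins; Host blocks other than "*" are scoped).

# $1: banner such as "OpenSSH_6.9p1 Ubuntu-2, OpenSSL 1.0.2d 9 Jul 2015"
# Returns 0 if affected, 1 if not, 2 if the banner cannot be parsed.
openssh_affected() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^OpenSSH_\([0-9]*\)\.\([0-9]*\)p*\([0-9]*\).*/\1 \2 \3/p')
    [ -n "$ver" ] || return 2
    set -- $ver                     # major minor [portable patch level]
    case "$1.$2" in
        5.[4-9]|6.*|7.0) return 0 ;;
        7.1) [ "${3:-0}" -lt 2 ] && return 0 ;;   # 7.1 and 7.1p1 affected
    esac
    return 1
}

# $1: ssh_config-style file. Prints one verdict; returns 0 only for "protected":
#   protected   first global UseRoaming is "no", no earlier scoped block says "yes"
#   scoped-yes  a Host/Match block before the global setting enables roaming
#   enabled     first global UseRoaming is "yes"
#   unset       no global UseRoaming at all (the client default is enabled)
useroaming_verdict() {
    v=$(awk '
        BEGIN { scope = "global"; verdict = "unset" }
        { sub(/#.*/, ""); gsub(/=/, " "); key = tolower($1) }
        NF == 0 { next }
        key == "host"  { scope = ($2 == "*" && NF == 2) ? "global" : "scoped"; next }
        key == "match" { scope = (tolower($2) == "all" && NF == 2) ? "global" : "scoped"; next }
        key == "useroaming" {
            val = tolower($2)
            if (scope == "scoped") {
                if (val != "no") { verdict = "scoped-yes"; exit }
                next
            }
            verdict = (val == "no") ? "protected" : "enabled"; exit
        }
        END { print verdict }' "$1")
    echo "$v"
    [ "$v" = protected ]
}

# Stand-alone use: sh roaming_check.sh /etc/ssh/ssh_config
if [ $# -gt 0 ]; then
    openssh_affected "$(ssh -V 2>&1)" && echo "ssh client version is in the affected range"
    useroaming_verdict "$1"
fi
```

A config that ends with a specific Host block and then a bare UseRoaming no, as in the quoted echo command, reports unset, which is exactly the case the updated Host * recommendation fixes.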