Support newer SSH key types?

elyograg
DD-WRT User


Joined: 11 Jul 2021
Posts: 56

Posted: Tue Sep 13, 2022 14:19    Post subject: Support newer SSH key types?
Firmware: DD-WRT v3.0-r50146 std (09/10/22)
Hardware: Netgear R9000
Mode: Gateway

I noticed that dropbear in DD-WRT only supports the rsa key type.

This is problematic for two reasons:

1) Recent openssh-client versions will not connect to servers with an RSA host key unless an option is present to allow it.
2) I have begun switching to 521 bit ecdsa keys. I still have a 4096 bit RSA key, but have stopped using it for most things. I suspect that given item 1 above, openssh will stop supporting RSA client keys by default at some point in the future.

Code:
root@orthanc:~# dropbearkey
Must specify a key filename
Usage: dropbearkey -t <type> -f <filename> [-s bits]
-t type   Type of key to generate. One of:
      rsa
-f filename    Use filename for the secret key.
               ~/.ssh/id_dropbear is recommended for client keys.
-s bits   Key size in bits, should be a multiple of 8 (optional)
-y      Just print the publickey and fingerprint for the
      private key in <filename>.
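Added worked example (not code from the original post, from DD-WRT or from Dropbear): the host-key algorithm negotiation behind the failure described in point 1, modelled on RFC 4253 section 7.1, together with the ssh_config list syntax used to re-enable ssh-rsa. The point it makes is that OpenSSH 8.8 stopped accepting the ssh-rsa signature algorithm (RSA with SHA-1), not RSA keys: an RSA host key still negotiates through rsa-sha2-256 or rsa-sha2-512 when the server offers them. The OpenSSH default list is abbreviated, the two Dropbear offers and the `ssh -vv` excerpt are constructed for illustration, and 192.0.2.1 is a documentation address.

```python
"""
Added example (not DD-WRT or Dropbear code): SSH host-key algorithm
negotiation as specified in RFC 4253 section 7.1. Both sides send a
comma-separated name-list and the chosen algorithm is the first entry of
the client's list that the server also offers. All lists and log lines
below are constructed for illustration.
"""

# Non-certificate subset of the OpenSSH 8.8 client default HostKeyAlgorithms
# (abbreviated: the real default also lists *-cert-v01@openssh.com and sk-*
# entries). RSA is still present via SHA-2 signatures; only ssh-rsa
# (RSA with SHA-1) was dropped from the default in 8.8.
OPENSSH_88_HOSTKEY_DEFAULT = [
    "ssh-ed25519",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
    "rsa-sha2-512", "rsa-sha2-256",
]

# Constructed server offers: a Dropbear with an RSA host key and no SHA-2
# signature support, and one that also offers rsa-sha2-256 (Dropbear added
# RFC 8332 RSA/SHA-2 signatures in release 2020.79).
DROPBEAR_RSA_SHA1_ONLY = ["ssh-rsa"]
DROPBEAR_RSA_WITH_SHA2 = ["rsa-sha2-256", "ssh-rsa"]


def negotiate(client, server):
    """RFC 4253 7.1: first client-preferred name the server also lists, else None."""
    offered = set(server)
    return next((alg for alg in client if alg in offered), None)


def apply_override(defaults, setting):
    """ssh_config(5) list semantics for HostKeyAlgorithms and friends:
    '+a,b' appends, '-a,b' removes, '^a,b' moves to the front, a bare list
    replaces. Exact names only; the real option also accepts wildcards."""
    if setting.startswith("+"):
        extra = setting[1:].split(",")
        return defaults + [a for a in extra if a not in defaults]
    if setting.startswith("-"):
        drop = set(setting[1:].split(","))
        return [a for a in defaults if a not in drop]
    if setting.startswith("^"):
        head = setting[1:].split(",")
        return head + [a for a in defaults if a not in head]
    return setting.split(",")


def server_hostkey_algs_from_debug(lines):
    """Extract the server's host key name-list from 'ssh -vv' output.
    Both KEXINIT proposals print a 'host key algorithms:' line; only the
    one under 'peer server KEXINIT proposal' is the server's."""
    in_server = False
    for line in lines:
        if "peer server KEXINIT proposal" in line:
            in_server = True
        elif "KEXINIT proposal" in line:
            in_server = False
        elif in_server and "host key algorithms:" in line:
            return line.split("host key algorithms:", 1)[1].strip().split(",")
    return []


def suggest_override(client, server):
    """Return the minimal '+...' HostKeyAlgorithms value that makes the
    handshake succeed, or None if it already does. Re-adding ssh-rsa
    re-enables SHA-1 signatures, so scope it to one Host block."""
    if negotiate(client, server) is not None:
        return None
    return "+" + ",".join(a for a in server if a not in client)


# Constructed excerpt of 'ssh -vv router' against a SHA-1-only Dropbear.
SAMPLE_SSH_VV = """\
debug2: local client KEXINIT proposal
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr
Unable to negotiate with 192.0.2.1 port 22: no matching host key type found. Their offer: ssh-rsa
""".splitlines()


if __name__ == "__main__":
    offer = server_hostkey_algs_from_debug(SAMPLE_SSH_VV)
    print("server offers:", offer)
    print("default client negotiates:", negotiate(OPENSSH_88_HOSTKEY_DEFAULT, offer))
    fix = suggest_override(OPENSSH_88_HOSTKEY_DEFAULT, offer)
    print("suggested: HostKeyAlgorithms", fix)
    print("with override:", negotiate(apply_override(OPENSSH_88_HOSTKEY_DEFAULT, fix), offer))
    print("rsa-sha2 capable server:", negotiate(OPENSSH_88_HOSTKEY_DEFAULT, DROPBEAR_RSA_WITH_SHA2))
```

In practice the fix the script suggests goes into a `Host` block for the router in ~/.ssh/config as `HostKeyAlgorithms +ssh-rsa`, not into the global section, because it re-enables SHA-1 signatures for that host only. If the client key is RSA as well and the router only verifies ssh-rsa signatures, `PubkeyAcceptedAlgorithms +ssh-rsa` (spelled PubkeyAcceptedKeyTypes before OpenSSH 8.5) is needed too. Check what the router actually offers with `ssh -vv` before adding either line: a Dropbear recent enough to offer rsa-sha2-256 needs no override at all.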
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12840
Location: Netherlands

Posted: Tue Sep 13, 2022 14:38
I have ecdsa enabled in my builds, but it takes up "serious" space, and 4 MB flash routers also have SSH, so we are size constrained. It has been asked before but was declined.

/* ECDSA is significantly faster than RSA or DSS. Compiling in ECC
* code (either ECDSA or ECDH) increases binary size - around 30kB
* on x86-64 */
#define DROPBEAR_ECDSA 0

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

Posted: Tue Sep 13, 2022 14:53
There is chachapoly support in current official builds, however I have still not been able to convince the head developer to enable elliptic curves for higher flash routers.
_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
elyograg
DD-WRT User


Joined: 11 Jul 2021
Posts: 56

Posted: Tue Sep 13, 2022 15:52
Quote:
I have ecdsa enabled in my builds but it takes up "serious" space and also 4 MB flash routers have SSH so we are size constraint, it has been asked before but was declined


That's interesting. Are the other key types disabled in the openssh build? If openssh can support them with the DD-WRT build, then it seems like dropbear would not need to be significantly larger to use them, but if they are disabled in openssh, then it makes sense.

Would the extra binary size be problematic for the larger builds? I'm using std. I imagine there is already a lot of customization for the smaller builds. Only enabling rsa on those and allowing other types on one or more larger builds seems very pragmatic.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14129
Location: Texas, USA

Posted: Tue Sep 13, 2022 16:00
Which ssh client doesn't support RSA key types currently? Which OS-native ssh implementation doesn't use it by default currently? I'm curious to hear the answer.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12840
Location: Netherlands

Posted: Tue Sep 13, 2022 16:17
elyograg wrote:
Quote:
I have ecdsa enabled in my builds but it takes up "serious" space and also 4 MB flash routers have SSH so we are size constraint, it has been asked before but was declined


That's interesting. Are the other key types disabled in the openssh build? If openssh can support them with the DD-WRT build, then it seems like dropbear would not need to be significantly larger to use them, but if they are disabled in openssh, then it makes sense.

Would the extra binary size be problematic for the larger builds? I'm using std. I imagine there is already a lot of customization for the smaller builds. Only enabling rsa on those and allowing other types on one or more larger builds seems very pragmatic.


I enabled ecdsa not because I need it but because I can :)

For most routers I administer I still use 4096 bit RSA keys and have no problems with this.

There are 300+ routers supported (I never counted, just a guess) and customization is an administrative burden.

I added some packages with customization (Ipset, Avahi) but the grand wizard is not a fan of customization and I can understand why if you have to customize 300 config files and have to decide which router gets what.

Impossible it is not, but we are short staffed; if only it was easy to make your own build :(

mwchang
DD-WRT Guru


Joined: 26 Mar 2013
Posts: 1855
Location: Hung Hom, Hong Kong

Posted: Tue Sep 13, 2022 16:45
egc wrote:

I enabled ecdsa not because I need it but because I can Smile

For most routers I administer I still use 4096 bit RSA keys and have no problems with this.

There are 300+ routers supported (I never counted, just a guess) and customization is an administrative burden.

I thought I read back then that RSA was and is more secure than DSA, and DSA was deprecated in OpenSSH.

I dunno about ECDSA though ... and ECC keys? ;)

ssh - OpenSSH doesn't accept ECDSA keys - Server Fault
https://serverfault.com/questions/559373/openssh-doesnt-accept-ecdsa-keys

Arch Linux - News: openssh-7.0p1 deprecates ssh-dss keys
https://archlinux.org/news/openssh-70p1-deprecates-ssh-dss-keys/

OpenSSH: Legacy Options
https://www.openssh.com/legacy.html

BTW, you can always install OpenSSH via Entware. I dunno whether you could just replace Dropbear with standard OpenSSH....

_________________
Router: Asus RT-N18U (rev. A1)

Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!

Facebook: https://www.facebook.com/changmanwai
Website: https://sites.google.com/site/changmw
SETI@Home profile: http://setiathome.berkeley.edu/view_profile.php?userid=211832
GitHub: https://github.com/changmw/changmw
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

Posted: Tue Sep 13, 2022 17:11
What do you want with ECDSA when there is Ed25519 (EdDSA)?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12840
Location: Netherlands

Posted: Tue Sep 13, 2022 17:22
nice overview : https://goteleport.com/blog/comparing-ssh-keys/
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

Posted: Tue Sep 13, 2022 18:13
ho1Aetoo wrote:
what do you want with ECDSA when there is (EDDSA) Ed25519?


Good luck with that on the DD-WRT side; just getting a smaller/faster ECDSA in is already proving a no man's land for standard official builds. egc said it: no one wants to maintain complex build/makefiles.

It would be a win on the HTTPS side: faster/smaller certificates, and possibly even a single CA certificate to install in browsers to get rid of the dumb-ass "not secure" browser notices. Fairly simple to implement, very difficult to get past BS, so SSH would merely benefit.

Sure we want better and faster security, but who's going to try again to get past the bridge?

ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

Posted: Tue Sep 13, 2022 19:06
Quote:
/* ECDSA is significantly faster than RSA or DSS. Compiling in ECC
* code (either ECDSA or ECDH) increases binary size - around 30kB
* on x86-64 */
#define DROPBEAR_ECDSA 0


Quote:
/* Ed25519 is faster than ECDSA. Compiling in Ed25519 code increases
binary size - around 7,5kB on x86-64 */
#define DROPBEAR_ED25519 0


But in the end it doesn't matter; I just asked why egc has activated ECDSA and not Ed25519.

By the way, I don't need it, because I have been using it for a long time; I use other devices for SSH.
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

Posted: Tue Sep 13, 2022 19:45
Every thread/post that pops up with this subject ends in a shrug.

He did it because, as egc our beloved MCHO already said, he can; why one and not the other clearly matters not.

I think the answer to the OP is, officially, good luck with that request. I'm holding out for elliptic curve as well; the best I could push through was chachapoly, which is currently the most modern supported.

mwchang
DD-WRT Guru


Joined: 26 Mar 2013
Posts: 1855
Location: Hung Hom, Hong Kong

Posted: Wed Sep 14, 2022 12:16
the-joker wrote:
I think the answer to the OP is, officially, good luck with that request. I'm holding for elliptic curve as well, best I could push through was chachapoly which is currently the most modern supported..

If "elliptic curve" was so magical, why was there ECDSA but not ECRSA? I am just curious... it's just maths!? ;)

the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

Posted: Wed Sep 14, 2022 14:01
Elliptic curves are about key size and speed: achieving the same encryption level with fewer bits, basically. ECRSA doesn't exist AFAIK; you just made it up 8)

https://en.wikipedia.org/wiki/Elliptic-curve_cryptography

But while we talk ciphers, the post quantum encryption Microsoft developed was all hacked in an hour using a single core on a XEON CPU.

Anyway, ECC is about speed/key size not necessarily security.

mwchang
DD-WRT Guru


Joined: 26 Mar 2013
Posts: 1855
Location: Hung Hom, Hong Kong

Posted: Thu Sep 15, 2022 12:19
the-joker wrote:
Elliptic-curves are about key size and speed, to achieve the same encryption level basically with less bits, ECRSA doesn't exist AFAIK, you just made it up Cool.
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography

I was just curious why EC could not be applied to RSA 2 keys, not trying to make up anything. Why was it DSA but not RSA? :)

Anyway, it seemed that ECDSA was quite old. Maybe it required too much computing power in the time when faster CPUs were not available? And hence the preference of RSA?

BTW, there are tickets about Dropbear and ECDSA and ED25519!

#7140 (Add Ed25519 support to Dropbear defaults) – DD-WRT
https://svn.dd-wrt.com/ticket/7140

#5714 (Update dropbear config options to reflect better security settings) – DD-WRT
https://svn.dd-wrt.com/ticket/5714

ecdsa.h in src/router/dropbear – DD-WRT
https://svn.dd-wrt.com/browser/src/router/dropbear/ecdsa.h?rev=39275

[SOLVED] Dropbear and ed25519 keys - Resolved in 21.02 - Installing and Using OpenWrt - OpenWrt Forum
https://forum.openwrt.org/t/solved-dropbear-and-ed25519-keys-resolved-in-21-02/23539/6

public key - Why is elliptic curve cryptography not widely used, compared to RSA? - Cryptography Stack Exchange
https://crypto.stackexchange.com/questions/1190/why-is-elliptic-curve-cryptography-not-widely-used-compared-to-rsa

ECDSA vs RSA: Everything You Need to Know
https://sectigostore.com/blog/ecdsa-vs-rsa-everything-you-need-to-know/

Page 1 of 3. All times are GMT.