SSH icon indicating copy to clipboard operation
SSH copied to clipboard
verified publisher icon RustCrypto

ssh-key: add a crate feature to allow insecure RSA keys - fixes #336

Open Eugeny opened this issue 10 months ago • 3 comments

Ref https://github.com/Eugeny/russh/issues/468

Eugeny avatar Feb 24 '25 22:02 Eugeny

It would probably make sense to figure out a common naming convention we can use for rsa and dsa which allows insecure cryptography

tarcieri avatar Feb 25 '25 07:02 tarcieri

I'm fine with it either way. I've chosen the hazmat- prefix as it's used as module name for dangerous stuff elsewhere in RustCrypto (e.g. rsa). I can rename dsa to hazmat-dsa but I think the current name is better as it's in line with other algo features.

Eugeny avatar Feb 25 '25 08:02 Eugeny

Related: https://github.com/RustCrypto/RSA/issues/445

tarcieri avatar Feb 28 '25 08:02 tarcieri

Using crate features can be dangerous as features are unified, so if one crate enables it it disable this protection for another crate. I think this should be opt-in for each use-site, rather than globally.

nbdd0121 avatar Mar 31 '25 10:03 nbdd0121

Yeah, if we support this it would be better to have an explicit API for it (which could still be feature-gated)

tarcieri avatar Mar 31 '25 13:03 tarcieri

We can probably remove this check entirely when the rsa crate enforces a minimum modulus size (RustCrypto/RSA#445), which is currently proposed to be 1024-bits.

@Eugeny would that be good enough for your use cases? I hope you don't actually want to use RSA keys smaller than that.

tarcieri avatar Jun 01 '25 17:06 tarcieri

That would be perfectly fine and also aligns with what OpenSSH is doing :+1:

Eugeny avatar Jun 01 '25 19:06 Eugeny