Hi Mark,
the file is installed from the build, not generated on install.
Install is by debian/openssh-client.install

It is also considered a conffile in the sense of change tracking.
$ dpkg --status openssh-client
[...]
Conffiles:
 /etc/ssh/moduli 0075fd4b72a421f909af9809d0dd3bdc

A quick check showed that they are the same on all xenial systems I ever 
touched even across architectures.
oO let's hope this is not a comeback of the "same key on all systems" issue :-/

A check across distributions and releases showed me:
1. at least in a given Ubuntu release all systems have the same file
2. Debian is the same, e.g. buster/bionic match
3. all Fedora are the same, but different to Ubuntu/Debian
4. if the version tracking header on Fedora is removed, it is the same as 
Ubuntu/Debian

Hmm, either this is broken everywhere or this doesn't have to be that
unique.

The file is actually provided by upstream, which is why the only change
found is on version upgrades, e.g. if upstream deprecated some. E.g. after
the Snowden leaks those with less than 2k were removed.

There are articles mentioning that it might be useful to regenerate it,
like [1][2], but there seems to be no hard requirement to do so.

So it seems a hardening action, but not a hard requirement to be unique.
Note: a regen run takes quite a few CPU cycles and time - I measured the two 
steps to be:
- ssh-keygen -G took 8:57.55 with 534.61 seconds cpu load
- ssh-keygen -T I aborted this at 33% at 30:31.67 with 1816.35 seconds cpu load
Let's assume it is 1-2 hours, not even thinking about raspis and such.
That is clearly too much for an instance instantiation, even too much for a 
default package install later on.

Furthermore I'd like to quote this from [3] which might be a good reason it is 
even less important these days than we thought at first.
"Regardless, the moduli file is only used when using the Diffie-Hellman Group 
Exchange method, which isn’t the default key exchange."

From man sshd_config in Bionic the current order seems to be:
curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1


So maybe (but only maybe) an ssh-extra-security package doing so as suggested, 
or a helper tool bundled with openssh that would do the update, might be a 
nice security addition.
I'm adding the security team to weigh in on opinions:
- should it be unique per system?
- if so, preferred delivery mechanism
- might an individually generated moduli file decrease security compared to a 
"curated and reviewed" shared one? There are mentions of "Ssh-keygen’s 
primality tests are statistical tests and can lead to false positives." that 
make me think so.


@Mark - all that does not explain why you got the upgrade message though. I'd 
assume you had not changed your file - so it should have silently been upgraded 
to the new version IMHO.
Have you custom generated yours in the past?
If there still is a dpkg-old version of it what is the checksum (Xenial was 
0075fd4b72a421f909af9809d0dd3bdc)?


[1]: https://stribika.github.io/2015/01/04/secure-secure-shell.html
[2]: https://security.stackexchange.com/questions/79043/is-it-considered-worth-it-to-replace-opensshs-moduli-file
[3]: https://entropux.net/article/openssh-moduli

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1748709

Title:
  Upgrade from xenial to bionic wants to replace moduli

Status in openssh package in Ubuntu:
  New

Bug description:
  I see this on upgrade on one machine, which is unexpected. If this
  file is generated by each machine, why would we ship a default?

  Configuration file '/etc/ssh/moduli'
   ==> Modified (by you or by a script) since installation.
   ==> Package distributor has shipped an updated version.
     What would you like to do about it ?  Your options are:
      Y or I  : install the package maintainer's version
      N or O  : keep your currently-installed version
        D     : show the differences between the versions
        Z     : start a shell to examine the situation
   The default action is to keep your current version.
  *** moduli (Y/I/N/O/D/Z) [default=N] ?


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
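Added example (not code from the bug thread, the openssh package or dpkg): a
small POSIX shell script that does the two checks this message argues about.
The first reproduces dpkg's conffile comparison (the md5 dpkg recorded in
"Conffiles:" vs. the file on disk), which is what sits behind the
"Modified (by you or by a script) since installation" prompt in the bug
description. The second audits the entries of a moduli file the way the
hardening guides in [1] do (safe prime, Miller-Rabin tested, not composite,
large enough), which also shows why the "less than 2k" entries were droppable
by a one-line filter. The dpkg status excerpt reuses the Xenial checksum quoted
above; the moduli lines are constructed demo data and their hex is not a real
prime. It assumes md5sum(1) (or openssl as a fallback) and awk(1); the
regen_moduli helper uses the ssh-keygen -G/-T form of OpenSSH 7.x and is shown
but not run, since as measured above it takes hours.

```shell
#!/bin/sh
# Added example, not from the bug thread or the openssh package.
# 1. Has /etc/ssh/moduli diverged from the checksum dpkg recorded for the
#    conffile? dpkg prompts on upgrade when the local file differs from the
#    previously shipped one AND the new package ships a different version.
# 2. Are the entries of a moduli file usable: type 2 (safe prime), tests bit
#    0x04 (Miller-Rabin) set, 0x01 (composite) clear, and big enough?
# Assumptions: md5sum or openssl, and awk, are available. All sample data
# below is constructed; the hex moduli are NOT real primes.
set -eu

# Constructed excerpt of `dpkg --status openssh-client` on Xenial; the checksum
# is the one quoted in the bug thread.
XENIAL_STATUS='Package: openssh-client
Status: install ok installed
Conffiles:
 /etc/ssh/moduli 0075fd4b72a421f909af9809d0dd3bdc'

# Print the md5 dpkg recorded for conffile $2, parsed from status text $1.
# Conffile lines are " <path> <md5>[ obsolete]", so $1 is the path.
recorded_md5() {
    printf '%s\n' "$1" | awk -v path="$2" '$1 == path { print $2; exit }'
}

# md5 of a file, which is what dpkg compares against the recorded value.
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{ print $1 }'
    else
        openssl dgst -md5 "$1" | awk '{ print $NF }'   # BSD/macOS fallback
    fi
}

# True (exit 0) when the file on disk ($3, defaulting to the conffile path $2)
# no longer matches the checksum recorded in status text $1.
conffile_modified() {
    recorded=$(recorded_md5 "$1" "$2")
    [ -n "$recorded" ] || return 1          # not a tracked conffile at all
    [ "$(file_md5 "${3:-$2}")" != "$recorded" ]
}

# moduli(5) line: time type tests tries size generator modulus.
# Keep safe primes (type 2) that passed Miller-Rabin (tests & 0x04), are not
# flagged composite (tests & 0x01) and whose size field is >= $1. The size
# field written by ssh-keygen is one less than the group's bit length
# (2047 for a 2048-bit group), hence the "$5 > 2000" filter in [1].
# Comment lines (e.g. Fedora's version header) and blank lines are dropped.
filter_moduli() {   # $1 = minimum size field, $2 = moduli file
    awk -v min="$1" '
        /^[ \t]*(#|$)/       { next }
        NF != 7              { next }
        $2 != 2              { next }   # not a safe prime
        int($3 / 4) % 2 != 1 { next }   # Miller-Rabin bit (0x04) not set
        $3 % 2 == 1          { next }   # composite bit (0x01) set
        $5 >= min            { print }
    ' "$2"
}

# Number of usable groups with size field >= $1 in moduli file $2.
count_moduli() {
    filter_moduli "$1" "$2" | wc -l | tr -d ' '
}

# Regeneration as measured in the thread (hours of CPU): do it on a build
# host, never at instance creation. OpenSSH 7.x (Xenial/Bionic) syntax;
# shown for reference, not executed by this example.
regen_moduli() {   # $1 = bits, $2 = output file
    ssh-keygen -G "$2.candidates" -b "$1"
    ssh-keygen -T "$2" -f "$2.candidates"
}

# Constructed demo file (NOT real moduli; only fields 1-6 matter here).
DEMO=$(mktemp)
trap 'rm -f "$DEMO"' EXIT
cat >"$DEMO" <<'EOF'
# constructed sample, not a real /etc/ssh/moduli
20180101000000 2 6 100 1023 2 C0FFEE
20180101000000 2 6 100 2047 2 C0FFEE
20180101000000 2 6 100 4095 5 C0FFEE
20180101000000 2 3 100 4095 2 C0FFEE
20180101000000 2 7 100 4095 2 C0FFEE
20180101000000 4 6 100 4095 2 C0FFEE
EOF

# Usage (against the real system): conffile_modified "$(dpkg --status openssh-client)" /etc/ssh/moduli
#                                   count_moduli 2000 /etc/ssh/moduli
```

The demo file is deliberately not the shipped one, so conffile_modified
reports it as modified against the Xenial checksum; a status text carrying
the file's own md5 reports it unmodified. Note that neither check matters if
diffie-hellman-group-exchange-* is removed from KexAlgorithms, since the
moduli file is only consulted for group exchange, as quoted from [3] above.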