[ssh_x509] x509v3-ssh-rsa hostkey algorithm on Cisco IOS XE

ssh_x509 at roumenpetrov.info
Thu Feb 20 15:38:16 EET 2020


Hi Roumen,

Thanks for quick feedback on that!

> Two formats :
> a) blob, i.e. base64 encoded certificate similar to plain keys. Actually
> this is same as "pub"-file.
> b) dn ( distinguished name ).
>
> Formats are used for "known hosts" and "authorized keys" files.
>
> This is described in README.x509v3 and manual pages.

Thanks for that reference, I've gone through it already and it does specify
how to use @cert-authority for the ssh-rsa hostkey algorithm, but not for
x509v3-ssh-rsa. I've tried a couple of options in known_hosts to make it
work, but no luck:

    @cert-authority *.lab.local x509v3-sign-rsa Issuer:C=AU,ST=Some-State,O=Internet Widgits Pty Ltd
    @cert-authority *.lab.local x509v3-sign-rsa <Public Key of the CA that signed cert for SSH server in ssh-rsa format>

> This is due to inherited functionality from ssh.com, then openssh and
> then pkix-ssh: pub-format or DN (new). DER or PEM encoded X.509
> certificate is not supported directly yet.

Yeah, noted that. Do you have any plans to integrate such functionality
into PKIX-SSH? For the GNU/Linux implementation, there's an SSH CA that does well
for ssh-rsa (and some others like ecdsa-sha2-nistp256), but for
x509v3-ssh-rsa, which is the only one implemented in Cisco IOS, it doesn't
work at scale, as current trust on a per-host (per SSH server) basis isn't any
more scalable than per-host trust with ssh-rsa.

---
Sergei Fomin



On Wed, Feb 19, 2020 at 8:05 PM <ssh_x509 at roumenpetrov.info> wrote:

> Hello Sergei,
>
> ssh_x509 at roumenpetrov.info wrote:
> > Hello Roumen,
> >
> > For quite a while, Cisco IOS XE supports x509v3-ssh-rsa as hostkey
> > algorithm. I've set up a lab environment to lab it and can connect to IOS XE
> > router with x509v3-ssh-rsa hostkey. The thing I'm interested in, is the
> > format PKIXSSH uses to store the SSH server's identity in known_hosts:
> >
> > .ssh/known_hosts
> > 172.16.3.10 x509v3-sign-rsa Subject:C=AU,ST=Some-State,O=Internet Widgits
> > Pty Ltd,CN=r1.lab.local
>
> Two formats :
> a) blob, i.e. base64 encoded certificate similar to plain keys. Actually
> this is same as "pub"-file.
> b) dn ( distinguished name ).
>
> Formats are used for "known hosts" and "authorized keys" files.
>
> This is described in README.x509v3 and manual pages.
> (
> https://securebox.termoneplus.com/man8/sshd.8.html#SSH_KNOWN_HOSTS_FILE_FORMAT
> ).
>
>
> > I evaluated that x509v3-ssh-rsa option as a replacement of typical
> ssh-rsa
> > hostkeys, and thought it should have a store of valid CAs per domain in a
> > format similar to (just proposing) "*.lab.local x509v3-sign-rsa
> > /etc/ssl/certificates/ca.lab.local.cer". This will facilitate a scalable
> > management of trust when you need to import a cert of only one CA that
> has
> > signed certs for hundreds of SSH servers and you need only one entry in
> > known_hosts to trust all of them, opposed to per-host trust with regular
> > ssh-rsa. Unfortunately I was unable to figure out how to configure
> PKIX-SSH
> > to do so.
>
> This is due to inherited functionality from ssh.com, then openssh and
> then pkix-ssh: pub-format or DN (new). DER or PEM encoded X.509
> certificate is not supported directly yet.
>
>
> > Am I understanding right that as of now PKIX-SSH just compares CN in the
> > certificate that it was presented with and if there's a match, it
> considers
> > that SSH server is authentic?
>
> This sounds like a regression ...
>
>
> > Or I'm totally missing some PKIX-SSH's config
> > options?
> >
> > ---
> > Sergei Fomin
>
>
> Regards,
> Roumen Petrov
>
> _______________________________________________
> ssh_x509 mailing list
> ssh_x509 at roumenpetrov.info
>
> http://roumenpetrov.info/mailman/listinfo/ssh_x509_roumenpetrov.info
>
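As an added illustration of the point raised in this thread (not PKIX-SSH code and not an example from either poster), the following Python parses known_hosts entries in the DN form shown above (`host x509v3-sign-rsa Subject:C=...,CN=...`) and accepts a server only when the host pattern matches and the *entire* subject DN equals the presented certificate's subject, so a certificate whose CN alone matches is rejected. The matching semantics are an assumption made for the illustration, not a description of what PKIX-SSH actually does; the known_hosts text and DNs are constructed.

```python
import fnmatch

# Constructed known_hosts text in the DN-keyed form shown in this thread:
# <host pattern(s)> x509v3-sign-rsa Subject:<distinguished name>
KNOWN_HOSTS = """\
172.16.3.10 x509v3-sign-rsa Subject:C=AU,ST=Some-State,O=Internet Widgits Pty Ltd,CN=r1.lab.local
*.lab.local x509v3-sign-rsa Subject:C=AU,ST=Some-State,O=Internet Widgits Pty Ltd,CN=r2.lab.local
"""


def parse_dn(dn):
    """Split 'C=AU,ST=...,CN=...' into an ordered tuple of (attr, value) pairs.
    Assumption: values contain no escaped commas (true for the DNs on the page)."""
    return tuple((k.strip(), v.strip()) for k, v in (part.split("=", 1) for part in dn.split(",")))


def parse_known_hosts(text):
    """Return [(host_patterns, subject_dn_pairs)] for DN-keyed x509v3-sign-rsa lines.
    Blob-keyed lines and other key types are skipped (assumption for this illustration)."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        hosts, keytype, rest = line.split(None, 2)
        if keytype != "x509v3-sign-rsa" or not rest.startswith("Subject:"):
            continue
        entries.append((hosts.split(","), parse_dn(rest[len("Subject:"):])))
    return entries


def host_trusted(entries, host, presented_subject):
    """True only if some entry's host pattern matches AND its whole subject DN
    (every attribute, in order) equals the presented certificate's subject.
    Comparing CN alone would accept any certificate whose CN happens to match."""
    presented = parse_dn(presented_subject)
    for patterns, dn in entries:
        if any(fnmatch.fnmatchcase(host, p) for p in patterns) and dn == presented:
            return True
    return False
```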

