19

Hypothetically, what could an attacker achieve if they have a copy of of /etc/ssh/moduli?

1 Answers1

18

Nothing. The attacker already has it: it is distributed with the OpenSSH source code. This file is used to define the group in which the Diffie-Hellman key exchange may run; the group description is public, it contains no secret value, and can be shared at will. OpenSSH includes several group definitions and selects one at random just because they are paranoid (which is not necessarily a bad thing, for a security product).

StackzOfZtuff
  • 18,093
  • 1
  • 52
  • 86
Thomas Pornin
  • 326,555
  • 60
  • 792
  • 962
  • 1
    Presumably though, if it was discovered that one of the commonly distributed values was weak for any reason, then the fact that so many people use it would be problematic? – frankster Jan 06 '15 at 18:26
  • 1
    Yes, it would be problematic, in roughly the same extent as, say, when a buffer overflow is discovered in some Internet-facing service. The past is past; only thing to do would be to patch; in this case, the patch would be a new /etc/ssh/moduli file, distributed through the normal channels for security updates (every Linux distribution has its own mechanism for that). Note that replacing that file does not entail changing the server key, so the update is painless for users. – Thomas Pornin Jan 06 '15 at 20:06