Changes to shell.uoregon.edu on May 2, 2017
On Tuesday, May 2, 2017, at 8am, Information Services staff will be making a change to shell.uoregon.edu that will require users to take action.
Specifically, IS staff will be upgrading the SSH RSA host key for shell.uoregon.edu from a very old 1024-bit key to a newer 2048-bit key.
If you use shell.uoregon.edu, the first time you try to log in after about 8am on May 2, you will probably get a warning from your SSH client about a different host key. For example, the OpenSSH client used on many systems will show a warning like this:
Before you can log in again, you will need to remove your existing host key for shell.uoregon.edu and accept the new one. You can verify that you're receiving the correct new key by confirming that it is using this fingerprint:
Other changes to shell.uoregon.edu and sftp.uoregon.edu
The May 2 maintenance will include some additional changes to shell.uoregon.edu and sftp.uoregon.edu that shouldn't affect modern SSH clients in routine use but that may be of technical interest to advanced users of SSH.
- Those who wish to ensure that their SSH clients will continue to work with shell.uoregon.edu and sftp.uoregon.edu after the May 2 change can SSH to the host mantle.uoregon.edu (an alias for shell.uoregon.edu) which runs an SSH server with the intended configuration changes.
- The SSH version 1 protocol will no longer be supported due to its cryptographic weaknesses. However, there is also no indication anyone uses this protocol with shell.uoregon.edu or sftp.uoregon.edu anymore.
- The SSH "arcfour" ciphers (arcfour, arcfour128, arcfour256) will no longer be supported, as the RC4 ("arcfour") encryption algorithm has been found to be cryptographically weak.
- Similarly the hmac-md5, umac-64, hmac-sha1-96, and hmac-md5-96 MAC algorithms will no longer be supported due to their cryptographic weakness.
- The SSH-DSS host key for shell.uoregon.edu and sftp.uoregon.edu will no longer be supported by the SSH server because it is limited to 1024 bits in size.
- The older diffie-hellman-group14-sha1 and diffie-hellman-group1-sha1 key exchange methods will no longer be supported because they use 1024-bit Diffie-Hellman parameters. The diffie-hellman-group-exchange-sha256 and diffie-hellman-group-exchange-sha1 methods will continue to work with Diffie-Hellman parameters of 2048 bits or larger.
- The SSH servers on shell.uoregon.edu and sftp.uoregon.edu will prefer cryptographically stronger stronger cipher and HMAC settings over weaker ones, so clients will generally negotiate the strongest settings they support. Some weaker ciphers and HMACs (like 3DES and SHA-1) will continue to be supported for compatibility with older clients but may be removed if more critical weaknesses are found.
If you have any questions about these changes, please contact the Technology Service Desk.