University of Oregon

Changes to shell.uoregon.edu on May 2, 2017

Audience
Faculty/Staff
Researcher
Student
GTF
On Tuesday, May 2, 2017, at 8am, Information Services staff made a change to shell.uoregon.edu that requires users to take action.
 
Specifically, IS staff upgraded the SSH RSA host key for shell.uoregon.edu from a very old 1024-bit key to a newer 2048-bit key.
 
If you use shell.uoregon.edu, the first time you try to log in after about 8am on May 2, you will probably get a warning from your SSH client about a different host key. For example, the OpenSSH client used on many systems will show a warning like this:
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
86:98:93:bd:0a:fb:88:88:9e:88:22:02:07:28:c0:fd.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
 
Before you can log in again, you will need to remove your existing host key for shell.uoregon.edu and accept the new one. You can verify that you're receiving the correct new key by confirming that it is using the correct fingerprint, which may be displayed in either of the following two formats:
  • Fingerprint (MD5): 86:98:93:bd:0a:fb:88:88:9e:88:22:02:07:28:c0:fd
  • Fingerprint (SHA256): xYeHawBE1hYimVVfnyS/btxymRsYzQuaveLVbJC1oMA

Other changes to shell.uoregon.edu and sftp.uoregon.edu

The May 2 maintenance included some additional changes to shell.uoregon.edu and sftp.uoregon.edu that shouldn't affect modern SSH clients in routine use but that may be of technical interest to advanced users of SSH.
  • Those who wish to ensure that their SSH clients will continue to work with shell.uoregon.edu and sftp.uoregon.edu after the May 2 change can SSH to the host mantle.uoregon.edu (an alias for shell.uoregon.edu) which runs an SSH server with the intended configuration changes.
  • The SSH version 1 protocol is no longer supported due to its cryptographic weaknesses. However, there is also no indication anyone uses this protocol with shell.uoregon.edu or sftp.uoregon.edu anymore.
  • The SSH "arcfour" ciphers (arcfour, arcfour128, arcfour256) are no longer supported, as the RC4 ("arcfour") encryption algorithm has been found to be cryptographically weak.
  • Similarly the hmac-md5, umac-64, hmac-sha1-96, and hmac-md5-96 MAC algorithms are no longer supported due to their cryptographic weakness.
  • The SSH-DSS host key for shell.uoregon.edu and sftp.uoregon.edu are no longer supported by the SSH server because it is limited to 1024 bits in size.
  • The older diffie-hellman-group14-sha1 and diffie-hellman-group1-sha1 key exchange methods are no longer supported because they use 1024-bit Diffie-Hellman parameters. The diffie-hellman-group-exchange-sha256 and diffie-hellman-group-exchange-sha1 methods continue to work with Diffie-Hellman parameters of 2048 bits or larger.
  • The SSH servers on shell.uoregon.edu and sftp.uoregon.edu now prefer cryptographically stronger stronger cipher and HMAC settings over weaker ones, so clients will generally negotiate the strongest settings they support. Some weaker ciphers and HMACs (like 3DES and SHA-1) continue to be supported for compatibility with older clients but may be removed if more critical weaknesses are found.
If you have any questions about these changes, please contact the Technology Service Desk.