upgraded openssh to 8.x and liboqs 0.6.0

openssh/Dockerfile

@@ -6,13 +6,13 @@ ARG INSTALL_DIR=${DEFAULT_INSTALL_DIR}
 
 # liboqs version
 # ATTENTION: Changing this could mean that further adaptions in sshd_config and ssh_config are required
-ARG LIBOQS_RELEASE="0.4.0"
+ARG LIBOQS_RELEASE="0.6.0"
 
 # liboqs build defines (https://github.com/open-quantum-safe/liboqs/wiki/Customizing-liboqs)
 ARG LIBOQS_BUILD_DEFINES=
 
 # Open quantum safe OpenSSH release
-ARG OQS_OPENSSH_RELEASE="OQS-OpenSSH-snapshot-2020-08"
+ARG OQS_OPENSSH_RELEASE="OQS-v8"
 
 # openssh build defines (https://github.com/open-quantum-safe/openssh#step-2-build-the-fork)
 ARG OPENSSH_BUILD_OPTIONS=
@@ -25,7 +25,7 @@ ARG MAKE_INSTALL="install-nokeys"
 ARG OQS_USER="oqs"
 ARG OQS_PASSWORD="oqs.pw"
 
-FROM alpine:3.11 as intermediate
+FROM debian:stable-slim as intermediate
 # Take in all global args
 ARG INSTALL_DIR
 ARG LIBOQS_RELEASE
@@ -40,16 +40,16 @@ LABEL version="2"
 
 ENV DEBIAN_FRONTEND noninteractive
 
-RUN apk update && apk upgrade
+RUN apt-get update && apt-get upgrade -y
 
 # Get all software packages required for builing all components:
 # Note: build-base cannot be used due to the fortify-headers package throwing an error
-RUN apk add gcc musl-dev linux-headers \
+RUN apt install -y gcc \
     libtool automake autoconf cmake \
     make \
-    openssl openssl-dev \
+    openssl libssl-dev \
     git docker \
-    zlib-dev
+    zlib1g-dev
 
 # get all sources
 WORKDIR /opt
@@ -77,22 +77,23 @@ CMD ["sh"]
 STOPSIGNAL SIGTERM
 
 ## second stage: Only create minimal image without build tooling and intermediate build results generated above:
-FROM alpine:3.11 as dev
+
+FROM debian:stable-slim as dev
 # Take in all global args
 ARG DEFAULT_INSTALL_DIR
 ARG INSTALL_DIR
 ARG OQS_USER
 ARG OQS_PASSWORD
 
-RUN apk update \
-    && apk upgrade \
-    && apk add man bash nano
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt install -y man bash nano
 
 # Only retain the ${INSTALL_DIR} contents in the final image
 COPY --from=intermediate ${INSTALL_DIR} ${INSTALL_DIR}
 
 # Create a normal user to be able to log into the system via ssh
-RUN addgroup --gid 1000 --system ${OQS_USER} && adduser --uid 1000 --system ${OQS_USER} --ingroup ${OQS_USER} --shell /bin/sh && echo -e -e "${OQS_PASSWORD}\n${OQS_PASSWORD}" | passwd ${OQS_USER}
+RUN addgroup --gid 1000 --system ${OQS_USER} && adduser --uid 1000 --system ${OQS_USER} --ingroup ${OQS_USER} --shell /bin/sh && echo "${OQS_PASSWORD}\n${OQS_PASSWORD}\n" | passwd ${OQS_USER}
 
 # Set up login shell: Add ssh-binaries to path for ssh login shell, fix /etc/profile not executing /etc/profile.d/*
 RUN sed -i "s|PATH=|PATH=${INSTALL_DIR}/bin:|;s|/etc/profile.d/\*\.sh|/etc/profile.d/\*|" /etc/profile
@@ -105,10 +106,13 @@ RUN chown ${OQS_USER}:${OQS_USER} .
 ENV OQS_INSTALL_DIR=${INSTALL_DIR}
 ENV OQS_USER=$OQS_USER
 
+# Create privilege separation user
+RUN mkdir -p /var/empty && groupadd sshd && useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
+
 # Enable ssh deamon to start at boot (although `rc-service oqs-sshd start` still needs to be called)
 COPY oqs-sshd /etc/init.d/
 RUN sed -ri "s:${DEFAULT_INSTALL_DIR}:${INSTALL_DIR}:g" /etc/init.d/oqs-sshd
-RUN apk add openrc \
+RUN apt install -y openrc openssl \
     && mkdir -p /run/openrc \
     && touch /run/openrc/softlevel \
     && rc-update add oqs-sshd \

openssh/USAGE.md

@@ -175,7 +175,7 @@ docker exec -it <name-or-hash-of-container> /opt/oqs-ssh/scripts/key-gen.sh
 
 For a list of all signature and key exchange algorithms see [here](https://github.com/open-quantum-safe/openssh#supported-algorithms). Be aware that there is a limitation of what algorithms are enabled in PQS-OpenSSH per default, more information in the section **Enabling additional PQC algorithms** below. It is recommended to only use the hybrid variants to maintain established classical security. The post-quantum safe algorithms have not yet received enough confidence to be relied on as the only security mechanism.
 
-The image's default key exchange algorithm is `ecdh-nistp384-kyber-1024-sha384@openquantumsafe.org`. For host and identity key (authentication) algorithms `ssh-p256-dilithium2` is used. Those algorithms may be changed by adjusting the files `ssh_config` and `sshd_config` respectively.
+The image's default key exchange algorithm is `ecdh-nistp384-kyber-768-sha384`. For host and identity keys (server and client authentication, respectively) algorithms `ssh-ecdsa-nistp384-dilithium3` and `ssh-ecdsa-nistp384-picnicL3FS` are used. Those algorithms may be changed by adjusting the files `ssh_config` and `sshd_config` respectively.
 
 **In `ssh_config` (client side)**
 - `KexAlgorithms`: Comma-separated list of enabled key-exchange algorithms. Priority given by order. Names according to [this KEX naming scheme](https://github.com/open-quantum-safe/openssh#key-exchange).
@@ -203,10 +203,10 @@ The generation of the host and identity keys happens via the script [key-gen.sh]
 Which keys to generate is determined using the configuration files (`ssh_config` and `sshd_config`). The need for a specific key is determined based on the following parameters:
 1. `IdentityFile` (in `ssh_config`) for **identity keys**: For every entry (there may be multiple) the corresponding identity key is generated.
    - e.g. `IdentityFile ~/.ssh/id_ed25519` or
-   - `IdentityFile ~/.ssh/id_p256_dilithium2`
+   - `IdentityFile ~/.ssh/id_ssh-ecdsa-nistp384-dilithium3`
 2. `HostKey` (in `sshd_config`) for **host keys**: For every entry (there may be multiple) the corresponding host key is generated.
-   - e.g. `HostKey /opt/oqs-ssh/ssh_host_p256_dilithium2_key` or
-   - `HostKey /opt/oqs-ssh/ssh_host_falcon512_key`
+   - e.g. `HostKey /opt/oqs-ssh/ssh_host_ssh-ecdsa-nistp384-dilithium3_key` or
+   - `HostKey /opt/oqs-ssh/ssh_host_ssh-falcon512_key`
 
 In order to generate the host keys and start the `sshd` the image needs to be run as the `root` user, meaning the `docker run` command shall not contain the `--user oqs` option.
 
@@ -232,23 +232,23 @@ As this is a demonstration of post-quantum cryptography, backwards compatibility
 To enable classical SSH support on client side, edit/add lines in [ssh_config]([ssh_config](https://github.com/open-quantum-safe/oqs-demos/tree/main/openssh/ssh_config)) as follows: 
 
 ```
-KexAlgorithms ecdh-nistp384-kyber-1024[email protected],[email protected]
+KexAlgorithms ecdh-nistp384-kyber-768[email protected],[email protected]
 
-HostKeyAlgorithms ssh-p256-dilithium2,ssh-ed25519
+HostKeyAlgorithms ssh-ecdsa-nistp384-dilithium3,ssh-ed25519
 
-PubkeyAcceptedKeyTypes ssh-p256-dilithium2,ssh-ed25519
+PubkeyAcceptedKeyTypes ssh-ecdsa-nistp384-dilithium3,ssh-ed25519
 
 IdentityFile ~/.ssh/id_ed25519
 ```
 
 For adding support for classical SSH on server side, edit/add lines in [sshd_config](https://github.com/open-quantum-safe/oqs-demos/tree/main/openssh/sshd_config) as follows:
 
 ```
-KexAlgorithms ecdh-nistp384-kyber-1024[email protected],curve25519-sha256
+KexAlgorithms ecdh-nistp384-kyber-768[email protected],curve25519-sha256
 
-HostKeyAlgorithms ssh-p256-dilithium2,ssh-ed25519
+HostKeyAlgorithms ssh-ecdsa-nistp384-dilithium3,ssh-ed25519
 
-PubkeyAcceptedKeyTypes ssh-p256-dilithium2,ssh-ed25519
+PubkeyAcceptedKeyTypes ssh-ecdsa-nistp384-dilithium3,ssh-ed25519
 
 HostKey /opt/oqs-ssh/ssh_host_ed25519_key
 ```

openssh/connect-test.sh

@@ -8,8 +8,8 @@ rc-service oqs-sshd stop
 # default options
 OPTIONS=${OPTIONS:="-q -o BatchMode=yes -o StrictHostKeyChecking=no"}
 
-SIG=${SIG_ALG:="p256-dilithium2"}
-KEM=${KEM_ALG:="ecdh-nistp384-kyber-1024"}
+SIG=${SIG_ALG:="ecdsa-nistp384-dilithium3"}
+KEM=${KEM_ALG:="ecdh-nistp384-kyber-768"}
 
 # Generate new identity keys, overwrite old keys
 SSH_DIR="/home/${OQS_USER}/.ssh"
@@ -47,7 +47,7 @@ fi
 # Optionally set KEM to one defined in https://github.com/open-quantum-safe/openssh#key-exchange
 # if left empty, the options defined in sshd_config will be used
 if [ "x$KEM" != "x" ]; then
-    OPTIONS="${OPTIONS} -o KexAlgorithms=${KEM}-sha384@openquantumsafe.org"
+    OPTIONS="${OPTIONS} -o KexAlgorithms=${KEM}-sha384"
 fi
 
 # Optionally set SIG to one defined in https://github.com/open-quantum-safe/openssh#digital-signature

openssh/key-gen.sh

@@ -80,7 +80,7 @@ for IDX in "${!HOST_KEY_ALGS[@]}"; do
         printf "exists @ %-$((MAX_FILE_LEN + 6))s --> SKIPPED\n" "$HOST_FILE(.pub)"
     else
         CMD="${OQS_INSTALL_DIR}/bin/ssh-keygen  -t $ALG -f $HOST_FILE -N '' -q -h"
-        # echo $CMD
+        #echo "Generating key via: $CMD"
         eval $CMD 2> /dev/null
         if [ $? -ne 0 ]; then
             echo "FAILED"

openssh/serverstart.sh

@@ -4,8 +4,8 @@
 
 OPTIONS=${OPTIONS:=""}
 
-SIG=${SIG_ALG:="p256-dilithium2"}
-KEM=${KEM_ALG:="ecdh-nistp384-kyber-1024"}
+SIG=${SIG_ALG:="ecdsa-nistp384-dilithium3"}
+KEM=${KEM_ALG:="ecdh-nistp384-kyber-768"}
 
 # Optionally set port
 # if left empty, the options defined in sshd_config will be used
@@ -16,7 +16,7 @@ fi
 # Optionally set KEM to one defined in https://github.com/open-quantum-safe/openssh#key-exchange
 # if left empty, the options defined in sshd_config will be used
 if [ "x$KEM" != "x" ]; then
-    OPTIONS="${OPTIONS} -o KexAlgorithms=${KEM}-sha384@openquantumsafe.org"
+    OPTIONS="${OPTIONS} -o KexAlgorithms=${KEM}-sha384"
 fi
 
 # Optionally set SIG to one defined in https://github.com/open-quantum-safe/openssh#digital-signature

openssh/ssh_config

@@ -22,13 +22,13 @@
 ###############################################################################
 
 # Key-exchange algorithms
-KexAlgorithms ecdh-nistp384-kyber-1024-sha384@openquantumsafe.org
+KexAlgorithms ecdh-nistp384-kyber-768-sha384
 
 # The host key algorithms ssh accepts
-HostKeyAlgorithms ssh-p256-dilithium2
+HostKeyAlgorithms ssh-ecdsa-nistp384-dilithium3
 
 # The algorithms used for public key authentication
-PubkeyAcceptedKeyTypes ssh-p256-dilithium2
+PubkeyAcceptedKeyTypes ssh-ecdsa-nistp384-dilithium3
 
 # Define how unknown host keys should be handled
 #StrictHostKeyChecking ask
@@ -38,51 +38,30 @@ Port 2222
 
 # All IdentityFile options, enabled ones should match PubkeyAcceptedKeyTypes
 # Uncomment line to enable corresponding algorithm
+# Also ensure corresponding algorithm is enabled in liboqs
 #IdentityFile ~/.ssh/id_rsa
 #IdentityFile ~/.ssh/id_dsa
 #IdentityFile ~/.ssh/id_ed25519
 
-#IdentityFile ~/.ssh/id_oqsdefault
-#IdentityFile ~/.ssh/id_dilithium2
-#IdentityFile ~/.ssh/id_falcon512
-#IdentityFile ~/.ssh/id_mqdss3148
-#IdentityFile ~/.ssh/id_picnicl1fs
-#IdentityFile ~/.ssh/id_picnic3l1
-#IdentityFile ~/.ssh/id_qteslapi
-#IdentityFile ~/.ssh/id_rainbowiaclassic
-#IdentityFile ~/.ssh/id_rainbowiiicclassic
-#IdentityFile ~/.ssh/id_rainbowvcclassic
-#IdentityFile ~/.ssh/id_sphincsharaka128frobust
-#IdentityFile ~/.ssh/id_sphincssha256128frobust
-#IdentityFile ~/.ssh/id_sphincsshake256128frobust
-
-#IdentityFile ~/.ssh/id_p256_oqsdefault
-IdentityFile ~/.ssh/id_p256_dilithium2
-#IdentityFile ~/.ssh/id_p256_falcon512
-#IdentityFile ~/.ssh/id_p256_mqdss3148
-#IdentityFile ~/.ssh/id_p256_picnicl1fs
-#IdentityFile ~/.ssh/id_p256_picnic3l1
-#IdentityFile ~/.ssh/id_p256_qteslapi
-#IdentityFile ~/.ssh/id_p256_rainbowiaclassic
-#IdentityFile ~/.ssh/id_p256_sphincsharaka128frobust
-#IdentityFile ~/.ssh/id_p256_sphincssha256128frobust
-#IdentityFile ~/.ssh/id_p256_sphincsshake256128frobust
-
-#IdentityFile ~/.ssh/id_p384_rainbowiiicclassic
-
-#IdentityFile ~/.ssh/id_p521_rainbowvcclassic
-
-#IdentityFile ~/.ssh/id_rsa3072_oqsdefault
-#IdentityFile ~/.ssh/id_rsa3072_dilithium2
-#IdentityFile ~/.ssh/id_rsa3072_falcon512
-#IdentityFile ~/.ssh/id_rsa3072_mqdss3148
-#IdentityFile ~/.ssh/id_rsa3072_picnicl1fs
-#IdentityFile ~/.ssh/id_rsa3072_picnic3l1
-#IdentityFile ~/.ssh/id_rsa3072_qteslapi
-#IdentityFile ~/.ssh/id_rsa3072_rainbowiaclassic
-#IdentityFile ~/.ssh/id_rsa3072_sphincsharaka128frobust
-#IdentityFile ~/.ssh/id_rsa3072_sphincssha256128frobust
-#IdentityFile ~/.ssh/id_rsa3072_sphincsshake256128frobust
+#IdentityFile ~/.ssh/id_ssh-oqsdefault
+#IdentityFile ~/.ssh/id_ssh-dilithium2aes
+#IdentityFile ~/.ssh/id_ssh-falcon512
+#IdentityFile ~/.ssh/id_ssh-picnicL1full
+#IdentityFile ~/.ssh/id_ssh-picnicL3FS
+#IdentityFile ~/.ssh/id_ssh-sphincsharaka128fsimple
+
+#IdentityFile ~/.ssh/id_ssh-ecdsa-nistp256-oqsdefault
+#IdentityFile ~/.ssh/id_ssh-ecdsa-nistp256-dilithium2aes
+#IdentityFile ~/.ssh/id_ssh-ecdsa-nistp256-falcon512
+#IdentityFile ~/.ssh/id_ssh-ecdsa-nistp256-picnicL1full
+IdentityFile ~/.ssh/id_ssh-ecdsa-nistp384-picnicL3FS
+#IdentityFile ~/.ssh/id_ssh-ecdsa-nistp256-sphincsharaka128fsimple
+
+#IdentityFile ~/.ssh/id_ssh-rsa3072-oqsdefault
+#IdentityFile ~/.ssh/id_ssh-rsa3072-dilithium2aes
+#IdentityFile ~/.ssh/id_ssh-rsa3072-falcon512
+#IdentityFile ~/.ssh/id_ssh-rsa3072-picnicL1full
+#IdentityFile ~/.ssh/id_ssh-rsa3072-sphincsharaka128fsimple
 
 ###############################################################################
 #-- Settings for CLASSICAL SSH ------------------------------------------------

openssh/sshd_config

@@ -15,64 +15,40 @@
 ###############################################################################
 
 # Key-exchange algorithms
-KexAlgorithms ecdh-nistp384-kyber-1024-sha384@openquantumsafe.org
+KexAlgorithms ecdh-nistp384-kyber-768-sha384
 
 # Host key algorithms, these determine the generated host keys
-HostKeyAlgorithms ssh-p256-dilithium2
+HostKeyAlgorithms ssh-ecdsa-nistp384-dilithium3
 
 # Those determine the accepted public keys for public key authentication
-PubkeyAcceptedKeyTypes ssh-p256-dilithium2
+PubkeyAcceptedKeyTypes ssh-ecdsa-nistp384-dilithium3
 
 # The port sshd is listening on
 Port 2222
 
 # The host keys used for host authentication
 # Uncomment line to enable corresponding algorithm
+# be sure the algorithm has been enabled in liboqs
 #HostKey /opt/oqs-ssh/ssh_host_rsa_key
 #HostKey /opt/oqs-ssh/ssh_host_dsa_key
 #HostKey /opt/oqs-ssh/ssh_host_ed25519_key
 
-#HostKey /opt/oqs-ssh/ssh_host_oqsdefault_key
-#HostKey /opt/oqs-ssh/ssh_host_dilithium2_key
-#HostKey /opt/oqs-ssh/ssh_host_falcon512_key
-#HostKey /opt/oqs-ssh/ssh_host_mqdss3148_key
-#HostKey /opt/oqs-ssh/ssh_host_picnicl1fs_key
-#HostKey /opt/oqs-ssh/ssh_host_picnic3l1_key
-#HostKey /opt/oqs-ssh/ssh_host_qteslapi_key
-#HostKey /opt/oqs-ssh/ssh_host_rainbowiaclassic_key
-#HostKey /opt/oqs-ssh/ssh_host_rainbowiiicclassic_key
-#HostKey /opt/oqs-ssh/ssh_host_rainbowvcclassic_key
-#HostKey /opt/oqs-ssh/ssh_host_sphincsharaka128frobust_key
-#HostKey /opt/oqs-ssh/ssh_host_sphincssha256128frobust_key
-#HostKey /opt/oqs-ssh/ssh_host_sphincsshake256128frobust_key
-
-#HostKey /opt/oqs-ssh/ssh_host_p256_oqsdefault_key
-HostKey /opt/oqs-ssh/ssh_host_p256_dilithium2_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_falcon512_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_mqdss3148_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_picnicl1fs_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_picnic3l1_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_qteslapi_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_rainbowiaclassic_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_sphincsharaka128frobust_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_sphincssha256128frobust_key
-#HostKey /opt/oqs-ssh/ssh_host_p256_sphincsshake256128frobust_key
-
-#HostKey /opt/oqs-ssh/ssh_host_p384_rainbowiiicclassic_key
-
-#HostKey /opt/oqs-ssh/ssh_host_p521_rainbowvcclassic_key
-
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_oqsdefault_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_dilithium2_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_falcon512_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_mqdss3148_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_picnicl1fs_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_picnic3l1_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_qteslapi_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_rainbowiaclassic_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_sphincsharaka128frobust_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_sphincssha256128frobust_key
-#HostKey /opt/oqs-ssh/ssh_host_rsa3072_sphincsshake256128frobust_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-oqsdefault_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-dilithium2aes_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-falcon512_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-picnicL1full_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-sphincsharaka192frobust_key
+
+#HostKey /opt/oqs-ssh/ssh_host_ssh-ecdsa-nistp256-oqsdefault_key
+HostKey /opt/oqs-ssh/ssh_host_ssh-ecdsa-nistp384-dilithium3_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-ecdsa-nistp256-falcon512_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-ecdsa-nistp384-picnicL3FS_key
+
+#HostKey /opt/oqs-ssh/ssh_host_ssh-rsa3072-oqsdefault_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-rsa3072-dilithium2aes_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-rsa3072-falcon512_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-rsa3072-picnicL1full_key
+#HostKey /opt/oqs-ssh/ssh_host_ssh-rsa3072-sphincsharaka128fsimple_key
 
 
 ###############################################################################