
M4300 - RSA key length too short?

I was provisioning a new M4300-52G today, from a new system with RHEL 9 installed on it. Part of my provisioning process is to disable telnet and enable SSH. This has worked fine for years, except today I am unable to SSH in. I get the following error when I try this:
[user@system ~]$ ssh admin@switch
Bad server host key: Invalid key length

[user@system ~]$
After digging into this a little bit, I see that starting with OpenSSH 7.6, a minimum RSA key length of 1024 bits is required. Checking the key generated on the switch, it is 1024 bits. RHEL 8 was using OpenSSH 8.0, which would have the same requirements, but also works. I'm not sure if a newer version of OpenSSH requires a 2048-bit key length for RSA; I couldn't find anything that says this but wouldn't be surprised.
I would like to generate RSA and DSA keys of larger sizes. I see there's the undocumented command "crypto dhparam <keylength>", and by default it is 2048. However, there's no equivalent for RSA. Other brands' switches will let you specify the key length when generating keys, but it doesn't appear the Netgear switches do.
Am I overlooking something here? How can I generate keys with larger lengths, or is there a way I can SSH from newer OSes and bypass the inadequate key length?
As a side note, if any Netgear team looks at implementing larger key sizes, NIST has recommended RSA and DSA key sizes of 2048 bits or larger since 2015. Prior to that, they had a recommended key length of 1024 bits. Thus, it may be helpful to allow the user to select a key size of their choice in case 2048 is deemed inadequate in the future.
Message 1 of 3

Re: M4300 - RSA key length too short?

I never found a way to generate longer RSA keys on the switch via the CLI, but it may be possible to generate keys on an external system and copy those in. I will try that sometime when I have access to a switch on which I can afford downtime if it does not work.
There is a way to bypass this error from RHEL 9 systems, however. The tl;dr workaround is:
ssh -o RSAMinSize=1024 admin@switch
This is because Red Hat sets this variable, RSAMinSize, to 2048 in /etc/crypto-policies/back-ends/openssh.config. Since this is a configuration option, it can be specified on the command line, in the user's ssh_config, or in the global /etc/ssh/ssh_config.
Message 2 of 3
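The post above lowers RSAMinSize on the whole client if it is put in ssh_config. A safer way to apply the same workaround is to first measure the switch's actual host key size and then emit a per-host "Host" stanza so the downgrade only applies to that one device. The script below is an added example, not code from the thread or from NETGEAR: it parses an OpenSSH "ssh-rsa" public key line (the format ssh-keyscan -t rsa switch prints, which you would paste in; no network is used here), reads the RSA modulus out of the wire encoding (string "ssh-rsa", mpint e, mpint n) to get its bit length, and returns an ssh_config stanza with RSAMinSize 1024 (the value from the post) only when the key is below the 2048-bit policy default the post names. The sample key lines are constructed from made-up moduli, not real switch keys, and the helper names are my own.

```python
import base64
import struct

# Policy minimum the post reports for RHEL 9's DEFAULT crypto policy.
POLICY_MIN_RSA = 2048
# Value the post uses to get past the check; kept fixed rather than derived.
WORKAROUND_RSA_MIN = 1024


def _read_string(blob, off):
    """Read one SSH wire 'string' (uint32 length + bytes) at offset off."""
    (length,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    return blob[off:off + length], off + length


def rsa_modulus_bits(pubkey_line):
    """Return the modulus bit length of an OpenSSH 'ssh-rsa AAAA... comment' line."""
    parts = pubkey_line.split()
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob = base64.b64decode(parts[1])
    keytype, off = _read_string(blob, 0)
    if keytype != b"ssh-rsa":
        raise ValueError("key blob type does not match ssh-rsa")
    _e, off = _read_string(blob, off)       # public exponent, not needed here
    n, _off = _read_string(blob, off)       # modulus as an mpint
    # mpint is big-endian two's complement; a leading 0x00 is sign padding,
    # so converting to int and taking bit_length() ignores it correctly.
    return int.from_bytes(n, "big").bit_length()


def ssh_config_override(host, pubkey_line, policy_min=POLICY_MIN_RSA):
    """Return a per-host ssh_config stanza lowering RSAMinSize, or None if not needed."""
    bits = rsa_modulus_bits(pubkey_line)
    if bits >= policy_min:
        return None
    return f"Host {host}\n    RSAMinSize {WORKAROUND_RSA_MIN}\n"


# --- helpers to build constructed sample key lines (NOT real keys) ---------
def _mpint(value):
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:          # keep the number positive under two's complement
        raw = b"\x00" + raw
    return raw


def _ssh_string(data):
    return struct.pack(">I", len(data)) + data


def build_rsa_pubkey_line(n, e=65537, comment="constructed"):
    """Encode arbitrary (n, e) as an OpenSSH ssh-rsa line; used only for samples."""
    blob = _ssh_string(b"ssh-rsa") + _ssh_string(_mpint(e)) + _ssh_string(_mpint(n))
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment


if __name__ == "__main__":
    # Constructed 1024-bit and 2048-bit moduli standing in for keyscan output.
    weak = build_rsa_pubkey_line((1 << 1023) | 0x1234567)
    strong = build_rsa_pubkey_line((1 << 2047) | 1)
    for label, line in (("switch", weak), ("other-switch", strong)):
        print(label, rsa_modulus_bits(line), "bits")
        stanza = ssh_config_override(label, line)
        print(stanza if stanza else "no override needed")
```

Append the returned stanza to ~/.ssh/config for the switch only; the global crypto policy and every other host keep the 2048-bit minimum, and you can delete the stanza once a larger key has been installed on the switch.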
msi
Luminary

Re: M4300 - RSA key length too short?

While you can't generate larger keys on the switch, I can confirm that you can generate one externally and then copy it onto the switch (using the 'copy' command). 2048-bit RSA, I'm sure, was accepted; I'm not certain whether I had tried 3072 as well.

I could imagine that Netgear could either bump the key size or make it configurable.

Message 3 of 3