Once Cerberus moves to OpenSSL 3, if you have FIPS turned on and you have SFTP users with RSA public keys generated using PuttyGen before 0.75, authentication by those users may no longer be supported. This is because their public keys may have an exponent (e) = 37.
In OpenSSL 3, FIPS public key verification follows FIPS 186-4 rules – see section B.3.1 –
which contains this requirement:
In addition, all IFC keys shall meet the following criteria in order to conform to FIPS 186-4:
1. The public exponent e shall be selected with the following constraints:
(a.) The public verification exponent e shall be selected prior to generating the primes p and q, and the private signature exponent d.
(b.) The exponent e shall be an odd positive integer such that: 216 < e < 2256.
Note that the value of e may be any value that meets constraint 1(b), i.e., e may be either a fixed value or a random value.
So e must be greater than 65536 (bit count greater than 16 and less than 257). PuttyGen before version 0.75 uses e=37 (bitcount of 6). Such keys will fail validation as they are not FIPS compliant.
Beginning with version 0.75, PuttyGen changed their e value to 65537 and new keys will be FIPS compliant.
As a convenience for our customers, Cerberus offers this Powershell script which will scan your native Cerberus users and determine if any of the keys are in a format generated by PuttyGen and test them.
If you are using public keys with AD/LDAP, you will need to look out for the log messages and then check your AD/LDAP user via Windows.
If a public key fails, a message showing the user affected and the full path to the public key will be displayed. This will give you a chance to contact the owner of the key pair to advise them to recreate their key pair via PuttyGen 0.75 or above.
Here is a link to download the script (downloads a zip called scan-native_pubkeys.zip).
Hashes to verify the script download:
Instructions on how to run the scan:
Download and unzip the scanner script
Open a Windows Command Window