Merge branch 'sh-relax-fips-algorithms' into 'main'

Relax FIPS default algorithms

See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/1322

Merged-by: Igor Drozdov <idrozdov@gitlab.com>
Approved-by: Igor Drozdov <idrozdov@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>

Author: 2 people

go.mod

@@ -23,7 +23,7 @@ require (
 	// Please do not override. Once v16.11.1 is released, this comment
 	// can be removed.
 	gitlab.com/gitlab-org/gitaly/v16 v16.11.0-rc1.0.20250408053233-c6d43513e93c
-	gitlab.com/gitlab-org/labkit v1.25.0
+	gitlab.com/gitlab-org/labkit v1.26.0
 	golang.org/x/crypto v0.41.0
 	golang.org/x/sync v0.16.0
 	google.golang.org/grpc v1.72.0

go.sum

@@ -554,8 +554,8 @@ gitlab.com/gitlab-org/gitaly/v16 v16.11.0-rc1.0.20250408053233-c6d43513e93c h1:x
 gitlab.com/gitlab-org/gitaly/v16 v16.11.0-rc1.0.20250408053233-c6d43513e93c/go.mod h1:/rkj6992VsNymUeG6N3VnLZ8Pvb1Y9ZUo00Yy35t8WQ=
 gitlab.com/gitlab-org/go/reopen v1.0.0 h1:6BujZ0lkkjGIejTUJdNO1w56mN1SI10qcVQyQlOPM+8=
 gitlab.com/gitlab-org/go/reopen v1.0.0/go.mod h1:D6OID8YJDzEVZNYW02R/Pkj0v8gYFSIhXFTArAsBQw8=
-gitlab.com/gitlab-org/labkit v1.25.0 h1:ON+pf8hk5nmrFLwT4CVLniBf1kSYvBujyGp1+jW9++g=
-gitlab.com/gitlab-org/labkit v1.25.0/go.mod h1:ZHOQIOVQKeOEKvQ/GhGBjUNbV3zWsx8nty6D/SRCyd4=
+gitlab.com/gitlab-org/labkit v1.26.0 h1:UMfo6S/VmYXwquddR++odEsuTphfZvqhxAs4240syTU=
+gitlab.com/gitlab-org/labkit v1.26.0/go.mod h1:ZHOQIOVQKeOEKvQ/GhGBjUNbV3zWsx8nty6D/SRCyd4=
 go.etcd.io/raft/v3 v3.6.0 h1:5NtvbDVYpnfZWcIHgGRk9DyzkBIXOi8j+DDp1IcnUWQ=
 go.etcd.io/raft/v3 v3.6.0/go.mod h1:nLvLevg6+xrVtHUmVaTcTz603gQPHfh7kUAwV6YpfGo=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=

internal/sshd/server_config.go

@@ -237,8 +237,14 @@ func (s *serverConfig) get(parentCtx context.Context) *ssh.ServerConfig {
 	// for previous versions that support both secure and insecure defaults.
 	if fips.Enabled() {
 		// This can be dropped once https://github.com/golang-fips/go/issues/316 is supported.
-		// We need to constrain the list of supported algorithms for FIPS.
-		algorithms := fips.SupportedAlgorithms()
+		// We need to constrain the list of supported algorithms for FIPS because
+		// ED25519 algorithms cause gitlab-sshd to panic.
+		//
+		// Right now we use fips.DefaultAlgorithms() instead of fips.SupportedAlgorithms()
+		// to preserve backwards compatibility with clients that are not configured properly.
+		// fips.DefaultAlgorithms() still allows ssh-rsa and ssh-dss. Admins can lock down
+		// these algorithms by setting `public_key_algorithms`.
+		algorithms := fips.DefaultAlgorithms()
 		sshCfg.PublicKeyAuthAlgorithms = algorithms.PublicKeyAuths
 		sshCfg.Ciphers = algorithms.Ciphers
 		sshCfg.KeyExchanges = algorithms.KeyExchanges

internal/sshd/server_config_test.go

@@ -255,13 +255,17 @@ func TestFipsDefaultAlgorithms(t *testing.T) {
 	srvCfg := &serverConfig{cfg: &config.Config{}}
 	sshServerConfig := srvCfg.get(context.Background())
 
-	algorithms := fips.SupportedAlgorithms()
+	algorithms := fips.DefaultAlgorithms()
 
 	require.Equal(t, algorithms.PublicKeyAuths, sshServerConfig.PublicKeyAuthAlgorithms)
 	require.Equal(t, algorithms.MACs, sshServerConfig.MACs)
 	require.Equal(t, algorithms.KeyExchanges, sshServerConfig.KeyExchanges)
 	require.Equal(t, algorithms.Ciphers, sshServerConfig.Ciphers)
 
+	// Ensure ssh-rsa and ssh-dss are there for backwards compatibility.
+	require.Contains(t, algorithms.PublicKeyAuths, "ssh-rsa")
+	require.Contains(t, algorithms.PublicKeyAuths, "ssh-dss")
+
 	sshServerConfig.SetDefaults()
 
 	// Go automatically adds curve25519-sha256@libssh.org as alias for curve25519-sha256