[Ach] OpenSSH settings

Andy Wenk andy at nms.de
Fri Jan 3 23:24:06 CET 2014

On 3 January 2014 22:54, Aaron Zauner <azet at azet.org> wrote:

> On 03 Jan 2014, at 19:12, Andy Wenk <andy at nms.de> wrote:
> > Hi everybody,
> >
> > here is my report for further examinations on this topic. I have the
> following sshd_config (as requested form Aaron):
> >
> > https://gist.github.com/andywenk/fa461dbaf2abf3442a3a
> >
> > As you can see, the three configuration paramaters Ciphers, MACs and
> KexAlgorithms are commented out. When activating the Ciphers solely and
> testing the configuration (  /usr/sbin/sshd -t) I get:
> >
> > /etc/ssh/sshd_config line 90: Bad SSH2 cipher spec '
> aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes128-ctr'.
> >
> > When activation MACs solely and testing the configuration I get:
> >
> > /etc/ssh/sshd_config line 93: Bad SSH2 mac spec '
> umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160'.
> >
> > Finally, when activating KexAlgorithms solely and testing I get:
> >
> > /etc/ssh/sshd_config line 96: Bad SSH2 KexAlgorithms '
> curve25519-sha256 at libssh.org
> ,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1'.
> >
> > So either I have a typo or something, because copying from the PDF is
> not possible, or my system can not deal with these or some of these
> settings. But as this is a quite new Ubuntu, I propose to add more
> information to the section 2.2.1 OpenSSH in the way, that a user can see on
> which machines this is working.
> Thanks. Could you try to just disable all @openssh.com and @libssh.orgciphers (just remove them as the comment in the openssh section states)?
> These ciphers are very new to the OpenSSH distribution. Some might not
> work per default. They will soon.


I did so and it works. I now have this:

Ciphers aes256-ctr,aes128-ctr

MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160


As another user already asked in another thread I am wondering, if this is
still more secure than the defaults regarding the documentation here:


It reads:

             Specifies the ciphers allowed for protocol version 2.  Multiple
             ciphers must be comma-separated.  The supported ciphers are:

             ``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',
             ``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'',
             ``aes128-gcm at openssh.com'', ``aes256-gcm at openssh.com'',
             ``arcfour128'', ``arcfour256'', ``arcfour'', ``blowfish-cbc'',
             ``cast128-cbc'', and ``chacha20-poly1305 at openssh.com''.

             The default is:

                aes128-gcm at openssh.com,aes256-gcm at openssh.com,
                chacha20-poly1305 at openssh.com,

A short explanation is highly appreciated but I assume that only these
ciphers should be choosen because of the key length and type and to revoke
other, less secure ciphers.



Andy Wenk
Hamburg - Germany


GPG fingerprint: C044 8322 9E12 1483 4FEC 9452 B65D 6BE3 9ED3 9588

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140103/02853dce/attachment.html>

More information about the Ach mailing list