<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 3 January 2014 22:54, Aaron Zauner <span dir="ltr"><<a href="mailto:azet@azet.org" target="_blank">azet@azet.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div class="im"><br>
On 03 Jan 2014, at 19:12, Andy Wenk <<a href="mailto:andy@nms.de">andy@nms.de</a>> wrote:<br>
<br>
> Hi everybody,<br>
><br>
> here is my report for further examinations on this topic. I have the following sshd_config (as requested form Aaron):<br>
><br>
> <a href="https://gist.github.com/andywenk/fa461dbaf2abf3442a3a" target="_blank">https://gist.github.com/andywenk/fa461dbaf2abf3442a3a</a><br>
><br>
> As you can see, the three configuration paramaters Ciphers, MACs and KexAlgorithms are commented out. When activating the Ciphers solely and testing the configuration ( /usr/sbin/sshd -t) I get:<br>
><br>
> /etc/ssh/sshd_config line 90: Bad SSH2 cipher spec '<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>,<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>,aes256-ctr,aes128-ctr'.<br>
><br>
> When activation MACs solely and testing the configuration I get:<br>
><br>
> /etc/ssh/sshd_config line 93: Bad SSH2 mac spec '<a href="mailto:umac-128-etm@openssh.com">umac-128-etm@openssh.com</a>,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160'.<br>
><br>
> Finally, when activating KexAlgorithms solely and testing I get:<br>
><br>
> /etc/ssh/sshd_config line 96: Bad SSH2 KexAlgorithms '<a href="mailto:curve25519-sha256@libssh.org">curve25519-sha256@libssh.org</a>,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1'.<br>
><br>
> So either I have a typo or something, because copying from the PDF is not possible, or my system can not deal with these or some of these settings. But as this is a quite new Ubuntu, I propose to add more information to the section 2.2.1 OpenSSH in the way, that a user can see on which machines this is working.<br>
<br>
</div>Thanks. Could you try to just disable all @<a href="http://openssh.com" target="_blank">openssh.com</a> and @<a href="http://libssh.org" target="_blank">libssh.org</a> ciphers (just remove them as the comment in the openssh section states)?<br>
<br>
These ciphers are very new to the OpenSSH distribution. Some might not work per default. They will soon.</blockquote><div><br></div><div>Aaron, </div><div><br></div><div>I did so and it works. I now have this:</div><div>
<br></div><div>Ciphers aes256-ctr,aes128-ctr</div><div><br></div><div>MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160<br></div><div><br></div><div>KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 <br>
</div></div><div class="gmail_extra"><br></div>As another user already asked in another thread I am wondering, if this is still more secure than the defaults regarding the documentation here:<br><br><a href="http://www.openssh.org/cgi-bin/man.cgi?query=sshd_config">http://www.openssh.org/cgi-bin/man.cgi?query=sshd_config</a></div>
<div class="gmail_extra"><br></div><div class="gmail_extra">It reads:</div><div class="gmail_extra"><br></div><div class="gmail_extra">Ciphers<br> Specifies the ciphers allowed for protocol version 2. Multiple<br>
ciphers must be comma-separated. The supported ciphers are:<br><br> ``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',<br> ``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'',<br>
``<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>'', ``<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>'',<br> ``arcfour128'', ``arcfour256'', ``arcfour'', ``blowfish-cbc'',<br>
``cast128-cbc'', and ``<a href="mailto:chacha20-poly1305@openssh.com">chacha20-poly1305@openssh.com</a>''.<br><br> The default is:<br><br> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,<br>
<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>,<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>,<br> <a href="mailto:chacha20-poly1305@openssh.com">chacha20-poly1305@openssh.com</a>,<br>
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,<br> aes256-cbc,arcfour<br clear="all"><div><br></div><div>A short explanation is highly appreciated but I assume that only these ciphers should be choosen because of the key length and type and to revoke other, less secure ciphers.</div>
<div><br></div><div>Thanks</div><div><br></div><div>Andy</div><div><br></div>-- <br><div dir="ltr">Andy Wenk<br>Hamburg - Germany<br>RockIt!<br><br><a href="http://www.couchdb-buch.de" target="_blank">http://www.couchdb-buch.de</a><br>
<a href="http://www.pg-praxisbuch.de" target="_blank">http://www.pg-praxisbuch.de</a><br><br><div><div>GPG fingerprint: <span style="color:rgb(0,0,0);white-space:pre-wrap">C044 8322 9E12 1483 4FEC 9452 B65D 6BE3 9ED3 9588</span></div>
</div><div><span style="color:rgb(0,0,0);white-space:pre-wrap"><br></span></div><div><font color="#000000"><span style="white-space:pre-wrap"><a href="https://people.apache.org/keys/committer/andywenk.asc" target="_blank">https://people.apache.org/keys/committer/andywenk.asc</a></span></font><br>
</div></div>
</div></div>