Disabling CBC Cipher mode causes login problems


Login or Register to Reply

 
Thread Tools Search this Thread
# 1  
Disabling CBC Cipher mode causes login problems

Hi,

As part of the security hardening activity in our team, we have to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.

To do this, in sshd_config I comment out these lines :

Code:
Ciphers aes128-cbc,blowfish-cbc,3des-cbc
MACS   hmac-sha1,hmac-md5

and add this line :

Code:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr

However after doing this, and restarting ssh, I get this error :

Code:
/etc/ssh/sshd_config line 88: Bad SSH2 cipher spec 'aes128-ctr,aes192-ctr,aes256-ctr'

Also, I am not able to ssh into the server anymore.

Please provide a suggestion on how to disable the CBC option and enable the CTR/GCM option without causing problems.
The sshd_config file in the server is sshd_config(4) and thus does not support CTR/GCM.

Regards,
ana
# 2  
What, then, are the allowed ciphers according to sshd_config?
# 3  
According to the sshd_config man page (ubuntu):


Code:
 Ciphers
             Specifies the ciphers allowed.  Multiple ciphers must be comma-separated.  If the
             specified value begins with a ‘+’ character, then the specified ciphers will be
             appended to the default set instead of replacing them.

             The supported ciphers are:

                   3des-cbc
                   aes128-cbc
                   aes192-cbc
                   aes256-cbc
                   aes128-ctr
                   aes192-ctr
                   aes256-ctr
                   aes128-gcm@openssh.com
                   aes256-gcm@openssh.com
                   arcfour
                   arcfour128
                   arcfour256
                   blowfish-cbc
                   cast128-cbc
                   chacha20-poly1305@openssh.com

             The default is:

                   chacha20-poly1305@openssh.com,
                   aes128-ctr,aes192-ctr,aes256-ctr,
                   aes128-gcm@openssh.com,aes256-gcm@openssh.com

             The list of available ciphers may also be obtained using the -Q option of ssh(1)
             with an argument of “cipher”.

# 4  
Update:

Here is an example of checking for supported ciphers:

Linux

Code:
/home/neo# ssh -Q cipher
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

and on another box:

MacOS

Code:
 Tim$ ssh -Q cipher
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

# 5  
OBTW did you try this?

To disable CBC mode ciphers and weak MAC algorithms (MD5 and -96), add the following lines into the /etc/ssh/sshd_config file.

Code:
 Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128
 MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160

Then (on linux)

Code:
 service sshd restart

# 6  
Sorry I forgot to mention that my box is Solaris 9.

And I already tried adding the line :

Code:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr

And it throws the error I mentioned (After I restarted ssh) :

Code:
/etc/ssh/sshd_config line 88: Bad SSH2 cipher spec 'aes128-ctr,aes192-ctr,aes256-ctr'

I have also commented out the MAC line :

Code:
MACS   hmac-sha1,hmac-md5

This does not cause any problems.
# 7  
Does this command work on Solaris?

Code:
ssh -Q cipher

Sorry, I don't have a Solaris box handy.

Please run ssh -Q cipher and update us with the results.

Also, Oracle says this is all you need to do to disable those weak ciphers:

Code:
   
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.`date +%d-%b-%Y-%H-%M`

vi /etc/ssh/sshd_config

Ciphers aes128-ctr,aes192-ctr,aes256-ctr
Macs hmac-sha2-256,hmac-sha2-512

svcadm restart ssh

Edit and Update:

I see from the Oracle docs that Solaris does not support ssh -Q

Oracle Docs: ssh - man pages section 1: User Commands
Login or Register to Reply

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
Need to disable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm
amity
Hi All Is any one know how to diable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm in solaris 10. Regards... Solaris
4
Solaris
Disabling emergency and init mode
rink
Hello all friends I recently disable runlevel 1 i want to know , is there any way to disable emergency mode and init mode init mode means if any user pass kernel parameter at grub i.e init=/bin/bash then bash shell appears I want to disable it for security purpose System = Debian 6...... Debian
4
Debian
Login Problems when the system is grub mode
sree vasu
Hi Experts, I am using ubuntu.When i am trying to login it is showing grub ..How i can overcome to this problem..Pls reply me ASAP.. Thanks, Sree... Ubuntu
1
Ubuntu
Problems with disabling remote root login
veccinho
Hello! I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh. What i did: - in /etc/security/user i added a line: rlogin = false which works fine when i try to login through telnet - after installation of openSSH i edited...... AIX
3
AIX