SSH: How to disable weak ciphers?

  • Security team of my organization told us to disable weak ciphers due to they issue weak keys.

      arcfour
      arcfour128
      arcfour256
    

    But I tried looking for these ciphers in ssh_config and sshd_config file but found them commented.

     grep arcfour *
    ssh_config:#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
    

    Where else I should check to disable these ciphers from SSH?

    for SSH server it will be in `/etc/ssh/sshd_config` and for the SSH client it will be in `/etc/ssh/ssh_config`. You want to look for the `Cipher` line in each, and for example have just `Cipher aes256-ctr` specified. Then restart SSH via `/etc/init.d/sshd restart` or via the equivalent systemd command.

    you want to become knowledgeable about all the parameters in `sshd_config` if you really care about SSH security, otherwise it can be all security theater.

    @ron the second comment is an intriguing one, can you illustrate with an example what you intend?

    the `ciphers` list is just one setting out of many for having SSH properly implemented... Protocol, PermitRootLogin, AuthorizedKeysFile, PermitEmptyPasswords, IgnoreRhosts, PermitTunnel, and so on. You can rely on their default settings as implemented in your linux distribution, but `Ignornance is bliss only up until you have a problem`

  • If you have no explicit list of ciphers set in ssh_config using the Ciphers keyword, then the default value, according to man 5 ssh_config (client-side) and man 5 sshd_config (server-side), is:

                aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
                [email protected],[email protected],
                [email protected],
                aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
                aes256-cbc,arcfour
    

    Note the presence of the arcfour ciphers. So you may have to explicitly set a more restrictive value for Ciphers.

    ssh -Q cipher from the client will tell you which schemes your client can support. Note that this list is not affected by the list of ciphers specified in ssh_config. Removing a cipher from ssh_config will not remove it from the output of ssh -Q cipher. Furthermore, using ssh with the -c option to explicitly specify a cipher will override the restricted list of ciphers that you set in ssh_config and possibly allow you to use a weak cipher. This is a feature that allows you to use your ssh client to communicate with obsolete SSH servers that do not support the newer stronger ciphers.

    nmap --script ssh2-enum-algos -sV -p <port> <host> will tell you which schemes your server supports.

    Hi , I mentioned specific ciphers in ssh_config and restarted ssh service but when I did ssh -Q cipher I am still getting all ciphers that I am getting earlier irrespective of my configuration.

    I'm sorry, `ssh_config` is the client-side config, the server-side config is `sshd_config`, please try that. (It's also called `Ciphers` there.)

    Yeah I know but when I grep for ciphers I found them at ssh_config so I did changes there. As production server I am not doing anything I am not sure

    Note that the defaults may differ between distributions.

    Seems there is no `ssh -Q` on older versions. (e.g. CentOS 6's openssh v5.3p1)

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM