[Labs-l] sshd config: using newer ciphers and protocols

Daniel Zahn dzahn at wikimedia.org
Thu May 21 19:31:28 UTC 2015


Hi all,

recently we have been making some changes to global sshd config for
enhanced security.

Since there have been questions and user reports about this on IRC,
let me list them all in detail:

a) optimized symmetric cipher list:

https://gerrit.wikimedia.org/r/#/c/185325/

We prefer the better Chacha20-poly1305, AES-GCM ciphers here now where possible.

This has been merged on 04-27 already and the only problem report we
had was from a user of a really outdated PuTTY version and that could
be solved by upgrading.

b) set Message Authentication Code ciphers

https://gerrit.wikimedia.org/r/#/c/185329/   (see commit message for
more details)

We stop using MD5 or SHA1 because they are insecure and use Encrypt-then-MAC.

This has been merged today and we have had 1 report on IRC so far from
a user who got "no matching MAC found" but apparently was able to fix
it by adjusting the client config.


c)  don't use NIST key exchange protocols

https://gerrit.wikimedia.org/r/#/c/185321/    (see commit message for
more details)


This has also been merged today.

We stopped using NIST protocols here because they can't be trusted,
see commit message for details why.

We have had 2 users so far report on IRC getting a "no acceptable hex
algorithm" error. Both were users of MySQL workbench.
There is a related bug at https://bugs.mysql.com/bug.php?id=74658

About the reasoning for these 3 changes in detail, also see:

http://stribika.github.io/2015/01/04/secure-secure-shell.html

Many quotes on the commit messages are from that source.

d) disable root logins, disable agent forwarding

https://gerrit.wikimedia.org/r/#/c/160628/
https://gerrit.wikimedia.org/r/#/c/199936/

These both exist in code review but are _NOT_ merged and are still
being discussed. There is no immediate plan to merge them soon.

Finding the right balance between security and supporting older
clients can sometimes be tough, so sorry for any possible inconvenience
caused and let us know if there are any other issues that can't be solved by
upgrading clients.

Best regards,

Daniel
-- 
Daniel Zahn <dzahn at wikimedia.org>
Operations Engineer
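
The following is an added example, not part of the original mail and not Wikimedia's configuration: a small auditor that reads sshd_config-style text (for instance the effective settings printed by `sshd -T`) and flags algorithms that conflict with the criteria in a) to c) above. The sample input is constructed, and the function names `judge` and `audit` are hypothetical.

```python
import re

# Constructed sample in the style of `sshd -T` output; not Wikimedia's actual settings.
SAMPLE = """\
# effective settings (constructed)
ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-cbc
macs hmac-sha2-512-etm@openssh.com,hmac-sha1,hmac-md5-etm@openssh.com,hmac-sha2-256
kexalgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
"""

def judge(keyword, alg):
    """Return why an algorithm conflicts with the mail's criteria, or None."""
    if keyword == "ciphers":
        if not (alg.startswith("chacha20-poly1305") or "-gcm" in alg):
            return "not ChaCha20-Poly1305 or AES-GCM"
    elif keyword == "macs":
        if "md5" in alg:
            return "MD5-based MAC"
        if "sha1" in alg:
            return "SHA1-based MAC"
        if "-etm@" not in alg:
            return "not Encrypt-then-MAC"
    elif keyword == "kexalgorithms":
        if "nistp" in alg:
            return "NIST curve key exchange"
    return None

def audit(config_text):
    """Parse sshd_config / `sshd -T` text into (keyword, algorithm, reason) findings."""
    findings = []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        # Keywords are case-insensitive; the value may follow whitespace or '='.
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue  # blank line, comment, or keyword without a value
        keyword, value = parts[0].lower(), parts[1]
        if keyword not in ("ciphers", "macs", "kexalgorithms"):
            continue
        for alg in value.split(","):
            alg = alg.strip().lower()
            reason = judge(keyword, alg) if alg else None
            if reason:
                findings.append((keyword, alg, reason))
    return findings

if __name__ == "__main__":
    for keyword, alg, reason in audit(SAMPLE):
        print(f"{keyword}: {alg}: {reason}")
```

Cipher findings are informational, since a) describes a preference rather than a removal; the MAC and key exchange findings correspond to algorithms that b) and c) stop offering.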


