如何禁用OpenSSH的弱Keyexchange\Cipher\MACs算法
问题
由于OS没有持续更新,基于OpenSSH构建的SSH服务器会继续沿用不再安全的密钥交换算法。如diffie-hellman-group-exchange-sha1或者diffie-hellman-group1-sha1。
通过漏洞扫描很容易发现这个脆弱性(如下图所示)。
影响
攻击者很容易利用这些漏洞实施攻击
解决办法
禁用这些密钥交换算法
禁用方法
RHEL/CentOS 7.x
服务器端
1)通过命令获取现有的SSH使用的加密算法:
sshd -T | grep -E '^kexalgorithms |^ciphers |^macs'
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
2)备份配置文件/etc/ssh/sshd_config
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk
3)更改配置
在/etc/ssh/sshd_config文件添加如下行:
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
Ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
MACs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
4)确认更改生效
sshd -T | grep ^kexalgorithms
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
发现diffie-hellman-group1-sha1和diffie-hellman-group-exchange-sha1已经删除
SSH客户端
1)检查客户端配置
# ssh -Q kex
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org
gss-gex-sha1-
gss-group1-sha1-
gss-group14-sha1-
发现有使用发现diffie-hellman-group1-sha1和diffie-hellman-group-exchange-sha1
2)备份配置文件
# cp -p /etc/ssh/ssh_config /etc/ssh/ssh_config-bk
3)编辑/etc/ssh/ssh_config文件,在末尾添加:
Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
4) 重启sshd
# systemctl restart sshd
5) 检查效果
# ssh -o KexAlgorithms=diffie-hellman-group-exchange-sha1 admin@127.0.0.1
Unable to negotiate with 127.0.0.1 port 22: no matching key exchange method found. Their offer: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
可以发现通过diffie-hellman-group-exchange-sha1 算法发起连接失败,说明更改成功
RHEL/CentOS 8.x
1)列出客户端支持的密钥交换算法
2)列出服务器端支持的密钥交换算法
3)删除弱密钥交换算法
编辑/etc/ssh/sshd_config文件,添加如下行
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
4)从服务器和客户端配置文件删除弱密钥交换算法
备份配置文件
# cp -p /etc/crypto-policies/back-ends/openssh.config /etc/crypto-policies/back-ends/openssh.config-bkp
# cp -p /etc/crypto-policies/back-ends/opensshserver.config /etc/crypto-policies/back-ends/opensshserver.config-bkp
在两个配置文件中删除弱密钥交换算法,如diffie-hellman-group1-sha1和diffie-hellman-group-exchange-sha1
# vi /etc/crypto-policies/back-ends/openssh.config
# vi /etc/crypto-policies/back-ends/opensshserver.config
5)重启服务
# systemctl restart sshd.service
# systemctl status sshd.service
6)测试更改效果
# ssh -vvv username@remote-IP-Address
# ssh -o KexAlgorithms=diffie-hellman-group-exchange-sha1 user-name@127.0.0.1