Message ID | 60141712-0583-e014-ad5d-d423587566a3@link38.eu |
---|---|
State | Superseded |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.i.ipfire.org (Postfix) with ESMTP id 6126960366 for <patchwork@web02.i.ipfire.org>; Tue, 1 May 2018 14:55:39 +0200 (CEST) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 057E110E4421; Tue, 1 May 2018 13:55:39 +0100 (BST) Authentication-Results: dkim=pass header.d=link38.eu; dmarc=pass (policy=none) header.from=link38.eu; spf=pass smtp.mailfrom=peter.mueller@link38.eu Received: from mx-nbg.link38.eu (mx-nbg.link38.eu [IPv6:2a03:4000:6:432c:1f9e:48:ac3:199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx-nbg.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4FD88108B8B7 for <development@lists.ipfire.org>; Tue, 1 May 2018 13:53:41 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=link38.eu; s=201803; t=1525179215; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references; bh=xLr72ebHmTb8GVt0FgmT5AFqtkXnw3rTULbuuPzT0hs=; b=fo2vw10hZLxs4URo49x7SZSEaJOSH8uuridtOF5QgXbvehvD8owUjih0HZM1qXGgK8AQn3 TrKyqjdob3dMI0UYXgVgW9IhtsvHhWNJ8W85s/ANF9uCdBoMxvMqZTM4i80hRjjZCBpmh8 fk9snwMhGtmaAI0dA/4vOkM3sdc0Kq9PIdpJIF7U66EHy/tiUOtTzfRzEnE8Aefdfp9Qwf Utp0xLMlb9pixkbTV0brIqxgBWbtt44dz7+HK4vW3Z4loeO64oNWbu81ON8F5mOJAGA7MH M2FKy9Yj3FhwAkbLBC3Hkn9t/5GRGoP1lLZso8qtL5DcqhtpU+Eb3G/LFn5Olg== To: "IPFire: Development-List" <development@lists.ipfire.org> From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@link38.eu> Subject: [PATCH 3/3] OpenSSH: use safer cryptography defaults Openpgp: preference=signencrypt Message-ID: <60141712-0583-e014-ad5d-d423587566a3@link38.eu> Date: Tue, 1 May 2018 14:53:35 +0200 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="D2c6izjfpqiG1jZXE6xqn582yGNVXyLH8" X-Spamd-Result: default: False [-9.63 / 11.00]; URIBL_BLOCKED(0.00)[stribika.github.io.multi.uribl.com]; RCVD_IN_DNSWL_MED(-2.00)[9.9.1.0.3.c.a.0.8.4.0.0.e.9.f.1.c.2.3.4.6.0.0.0.0.0.0.4.3.0.a.2.list.dnswl.org : 127.0.6.2]; RCVD_COUNT_ZERO(0.00)[0]; FROM_HAS_DN(0.00)[]; MX_GOOD(-0.01)[cached: mx-nbg.link38.eu]; HAS_ATTACHMENT(0.00)[]; IP_SCORE(-3.77)[ip: (-9.88), ipnet: 2a03:4000::/32(-4.94), asn: 197540(-3.96), country: DE(-0.09)]; BAYES_HAM(-3.00)[100.00%]; DKIM_TRACE(0.00)[link38.eu:+]; TO_DN_ALL(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a03:4000:6:432c:1f9e:48:ac3:199]; RCPT_COUNT_ONE(0.00)[1]; DMARC_POLICY_ALLOW(-0.25)[link38.eu,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[link38.eu]; ASN(0.00)[asn:197540, ipnet:2a03:4000::/32, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-Spam-Status: No, score=-9.63 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
None
|
|
Commit Message
Peter Müller
May 1, 2018, 10:53 p.m. UTC
By default, OpenSSH uses crypto algorithms such as SHA1, which are
considered insecure and should not be used anymore. This patch
updates the used ciphers, message-digest algorithms and key exchange
algorithms according https://stribika.github.io/2015/01/04/secure-secure-shell.html .
For the kex algo "diffie-hellman-group-exchange-sha256", an intact
SSH moduli file is required. To make sure we are not falling back
to insecure crypto here, its presence is checked at SSH startup.
On my machines, this file was already there, but it makes sense to
me to double-check this. This patch should not make problems except
for very outdated OpenSSH clients (older than 6.x) or PuTTY versions.
This partially addresses #11538 and requires patch 2/3.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
config/rootfiles/core/121/update.sh | 6 +++++-
lfs/openssh | 4 ++++
src/initscripts/system/sshd | 12 ++++++++++++
3 files changed, 21 insertions(+), 1 deletion(-)
Comments
Hello *, could somebody have a look at this sometimes? If possible, I'd like to add this to the upcoming Core 121, too - in case we are not becoming too big with the new kernel already. Thanks, and best regards, Peter Müller > By default, OpenSSH uses crypto algorithms such as SHA1, which are > considered insecure and should not be used anymore. This patch > updates the used ciphers, message-digest algorithms and key exchange > algorithms according https://stribika.github.io/2015/01/04/secure-secure-shell.html . > > For the kex algo "diffie-hellman-group-exchange-sha256", an intact > SSH moduli file is required. To make sure we are not falling back > to insecure crypto here, its presence is checked at SSH startup. > > On my machines, this file was already there, but it makes sense to > me to double-check this. This patch should not make problems except > for very outdated OpenSSH clients (older than 6.x) or PuTTY versions. > > This partially addresses #11538 and requires patch 2/3. > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > --- > config/rootfiles/core/121/update.sh | 6 +++++- > lfs/openssh | 4 ++++ > src/initscripts/system/sshd | 12 ++++++++++++ > 3 files changed, 21 insertions(+), 1 deletion(-) > > diff --git a/config/rootfiles/core/121/update.sh b/config/rootfiles/core/121/update.sh > index 3ec251292..99c174156 100644 > --- a/config/rootfiles/core/121/update.sh > +++ b/config/rootfiles/core/121/update.sh > @@ -60,7 +60,11 @@ rm -rvf \ > sed -i /etc/ssh/sshd_config \ > -e 's/^#SyslogFacility AUTH$/SyslogFacility AUTH/' \ > -e 's/^#LogLevel INFO$/LogLevel INFO/' \ > - -e 's/^#StrictModes .*$/StrictModes yes/' > + -e 's/^#StrictModes .*$/StrictModes yes/' \ > + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\ > + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com\ > + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\ > + #RekeyLimit default none/' > > # Start services > /etc/init.d/sshd restart > diff --git a/lfs/openssh b/lfs/openssh > index 7e8468ac9..3043501a2 100644 > --- a/lfs/openssh > +++ b/lfs/openssh > @@ -96,6 +96,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ > -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ > -e 's/^#StrictModes .*$/StrictModes yes/' \ > + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\ > + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com\ > + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\ > + #RekeyLimit default none/' \ > -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ > -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ > -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ > diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd > index 7b4092d38..d7958e800 100644 > --- a/src/initscripts/system/sshd > +++ b/src/initscripts/system/sshd > @@ -23,6 +23,18 @@ case "$1" in > evaluate_retval > done > > + # Make sure moduli file is properly present > + # (https://stribika.github.io/2015/01/04/secure-secure-shell.html) > + modulifile="/etc/ssh/moduli" > + if [ ! -e "${modulifile}" ]; then > + boot_mesg "Generating SSH moduli file (this may take a while)..." > + > + ssh-keygen -G /etc/ssh/moduli.all -b 4096 > + ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all > + mv /etc/ssh/moduli.safe /etc/ssh/moduli > + rm -f /etc/ssh/moduli.all > + fi > + > [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled > boot_mesg "Starting SSH Server..." > loadproc /usr/sbin/sshd >
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello, you will need to break up patches into smaller chunks. This is a bit harder to review than it should be. On Tue, 2018-05-01 at 14:53 +0200, Peter Müller wrote: > By default, OpenSSH uses crypto algorithms such as SHA1, which are > considered insecure and should not be used anymore. This patch > updates the used ciphers, message-digest algorithms and key exchange > algorithms according https://stribika.github.io/2015/01/04/secure-secure- > shell.html . I can agree to that. > For the kex algo "diffie-hellman-group-exchange-sha256", an intact > SSH moduli file is required. To make sure we are not falling back > to insecure crypto here, its presence is checked at SSH startup. This could have been a separate patch. > On my machines, this file was already there, but it makes sense to > me to double-check this. This patch should not make problems except > for very outdated OpenSSH clients (older than 6.x) or PuTTY versions. > > This partially addresses #11538 and requires patch 2/3. > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > --- > config/rootfiles/core/121/update.sh | 6 +++++- > lfs/openssh | 4 ++++ > src/initscripts/system/sshd | 12 ++++++++++++ > 3 files changed, 21 insertions(+), 1 deletion(-) > > diff --git a/config/rootfiles/core/121/update.sh > b/config/rootfiles/core/121/update.sh > index 3ec251292..99c174156 100644 > --- a/config/rootfiles/core/121/update.sh > +++ b/config/rootfiles/core/121/update.sh > @@ -60,7 +60,11 @@ rm -rvf \ > sed -i /etc/ssh/sshd_config \ > -e 's/^#SyslogFacility AUTH$/SyslogFacility AUTH/' \ > -e 's/^#LogLevel INFO$/LogLevel INFO/' \ > - -e 's/^#StrictModes .*$/StrictModes yes/' > + -e 's/^#StrictModes .*$/StrictModes yes/' \ > + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@openssh.co > m,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128- > ctr\ > + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@ > openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@open > ssh.com\ > + KexAlgorithms curve25519-sha256@libssh.org,diffie- > hellman-group-exchange-sha256\ > + #RekeyLimit default none/' The sed is ugly (more below), how can we know this will be properly applied to all systems? sed can add lines without looking for something else to replace something. You can also match a string and append more after it and use & as a wildcard to re- insert the matched content. > # Start services > /etc/init.d/sshd restart > diff --git a/lfs/openssh b/lfs/openssh > index 7e8468ac9..3043501a2 100644 > --- a/lfs/openssh > +++ b/lfs/openssh > @@ -96,6 +96,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ > -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ > -e 's/^#StrictModes .*$/StrictModes yes/' \ > + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@op > enssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192- > ctr,aes128-ctr\ > + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@ > openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@open > ssh.com\ > + KexAlgorithms curve25519-sha256@libssh.org,diffie- > hellman-group-exchange-sha256\ > + #RekeyLimit default none/' \ > -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ > -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ > -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ I think we should urgently move away from changing the default configuration like this. This is hard to read, might change lines in future versions that we do not intend, etc. This is just not a good way to modify a file. Would you please add a fresh file with only the directives that we want/need? > diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd > index 7b4092d38..d7958e800 100644 > --- a/src/initscripts/system/sshd > +++ b/src/initscripts/system/sshd > @@ -23,6 +23,18 @@ case "$1" in > evaluate_retval > done > > + # Make sure moduli file is properly present > + # (https://stribika.github.io/2015/01/04/secure-secure-shell.html) > + modulifile="/etc/ssh/moduli" > + if [ ! -e "${modulifile}" ]; then > + boot_mesg "Generating SSH moduli file (this may take a > while)..." > + > + ssh-keygen -G /etc/ssh/moduli.all -b 4096 > + ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all > + mv /etc/ssh/moduli.safe /etc/ssh/moduli > + rm -f /etc/ssh/moduli.all > + fi > + How long will this take? We support systems with very slow processors. I have been running this for the past 10 minutes on my desktop machine which has some Intel i5 processor. This is already too long. Are there any alternatives instead of creating this with 4096 bits of length on the target machines? > [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled > boot_mesg "Starting SSH Server..." > loadproc /usr/sbin/sshd - -Michael -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAlr+2IwACgkQgHnw/2+Q CQduMA//YlCIN/3bmPSS11jurJQFCy6p3QdqbGuuR09tefEKNZ1w5KXxMili5Vsm tW/is9VoLcB66jEVSn9osAKZ7yRkr99Z7eic+OJVdjodmkGz64KNSIbz0mYTqt+t 0sYADY+F9G+AYwR4WcJviRxOIzCKO7xvdc9ZNRTg1jGzutztJnhwAByO2JGn9HCE 9D1SM7PHNa55TB/7RcZuFn6Y9P1JUfSmwdA/bwyC4oS8znePu/+uRcK1+L+lnXQ8 tEJTs2Daq3icwAVdfUbdW6+zuCjsEvkkwjmQ4opI9twD9q33x7QZkd4/9+yW84pa BBwTFaRUGmSSmca+7HH08KdHpvrXgnmE9X798JTRGJO8zMc0V6yO79Ta8TJG3H5k nihprEhxFBTlQ+iWof9aNMH9zFFQKtLP0QzgB1jdgXMMtrx86pTOwIVlPx7loUo5 eTAgZaSE8Sjvo1iarKyfSfqjo8ZlcIpdGKeE1lsiCcIfA1jpe+uy0hHgiWiFHKwe Rdzz7q4ZIo3s9Dyv0vECOvoPWxQUE9jQT5o05vY9m3uEZv4VrjC1rzCqY1iW8Rj5 E9hGt72MfpKNESXwcDhqTjYC9h0dm2ip7W7xFoJ6rwwvECjEA0n+B9STpVXi8NJh hMbLkwZ1POTojtHFZwFo5AJ0cQuricWVLzn5oA7bOZkf8Pg82+I= =u/E+ -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Wed, 2018-05-16 at 17:39 +0200, Peter Müller wrote: > Hello *, > > could somebody have a look at this sometimes? > > If possible, I'd like to add this to the upcoming Core 121, too > - in case we are not becoming too big with the new kernel already. I don't think that this will find space in C121. > Thanks, and best regards, > Peter Müller > > > > By default, OpenSSH uses crypto algorithms such as SHA1, which are > > considered insecure and should not be used anymore. This patch > > updates the used ciphers, message-digest algorithms and key exchange > > algorithms according https://stribika.github.io/2015/01/04/secure-secure-she > > ll.html . > > > > For the kex algo "diffie-hellman-group-exchange-sha256", an intact > > SSH moduli file is required. To make sure we are not falling back > > to insecure crypto here, its presence is checked at SSH startup. > > > > On my machines, this file was already there, but it makes sense to > > me to double-check this. This patch should not make problems except > > for very outdated OpenSSH clients (older than 6.x) or PuTTY versions. > > > > This partially addresses #11538 and requires patch 2/3. > > > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > > --- > > config/rootfiles/core/121/update.sh | 6 +++++- > > lfs/openssh | 4 ++++ > > src/initscripts/system/sshd | 12 ++++++++++++ > > 3 files changed, 21 insertions(+), 1 deletion(-) > > > > diff --git a/config/rootfiles/core/121/update.sh > > b/config/rootfiles/core/121/update.sh > > index 3ec251292..99c174156 100644 > > --- a/config/rootfiles/core/121/update.sh > > +++ b/config/rootfiles/core/121/update.sh > > @@ -60,7 +60,11 @@ rm -rvf \ > > sed -i /etc/ssh/sshd_config \ > > -e 's/^#SyslogFacility AUTH$/SyslogFacility AUTH/' \ > > -e 's/^#LogLevel INFO$/LogLevel INFO/' \ > > - -e 's/^#StrictModes .*$/StrictModes yes/' > > + -e 's/^#StrictModes .*$/StrictModes yes/' \ > > + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@openssh. > > com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192- > > ctr,aes128-ctr\ > > + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-et > > m@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@ > > openssh.com\ > > + KexAlgorithms curve25519-sha256@libssh.org,diffie- > > hellman-group-exchange-sha256\ > > + #RekeyLimit default none/' > > > > # Start services > > /etc/init.d/sshd restart > > diff --git a/lfs/openssh b/lfs/openssh > > index 7e8468ac9..3043501a2 100644 > > --- a/lfs/openssh > > +++ b/lfs/openssh > > @@ -96,6 +96,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > > -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ > > -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ > > -e 's/^#StrictModes .*$/StrictModes yes/' \ > > + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@ > > openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192- > > ctr,aes128-ctr\ > > + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-et > > m@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@ > > openssh.com\ > > + KexAlgorithms curve25519-sha256@libssh.org,diffie- > > hellman-group-exchange-sha256\ > > + #RekeyLimit default none/' \ > > -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ > > -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ > > -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ > > diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd > > index 7b4092d38..d7958e800 100644 > > --- a/src/initscripts/system/sshd > > +++ b/src/initscripts/system/sshd > > @@ -23,6 +23,18 @@ case "$1" in > > evaluate_retval > > done > > > > + # Make sure moduli file is properly present > > + # (https://stribika.github.io/2015/01/04/secure-secure-shell.html) > > + modulifile="/etc/ssh/moduli" > > + if [ ! -e "${modulifile}" ]; then > > + boot_mesg "Generating SSH moduli file (this may take a > > while)..." > > + > > + ssh-keygen -G /etc/ssh/moduli.all -b 4096 > > + ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all > > + mv /etc/ssh/moduli.safe /etc/ssh/moduli > > + rm -f /etc/ssh/moduli.all > > + fi > > + > > [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not > > enabled > > boot_mesg "Starting SSH Server..." > > loadproc /usr/sbin/sshd > > > > -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAlr+2KMACgkQgHnw/2+Q CQfQ/Q//VOr8BUcyXWMB8DWLvXwA3/gaGG8duGLdO8Mx2wi+/KsK8PY9Kpy3pDUs 2SGaBH0HSczVPfbp0i+vyEgB8MOodO8gA4hVMWLBY2p6cU31YrdZ7+P0JlGzjkd/ L6XgJuQjLgPhhPIBOX8GyBVWSwwri5E/thumGqmwT8o1HvW8PvmWp4RdWpeYqVVx M3c2wzDinWhT7GGAsI3pAZzWpTUh6wdkRDPcEM0Ee/cdqvhELn+alnJjPx4OluXP vA2WPximZ/BKHKYC6zjnm1+8o6j+kmkyQX1y/pB3rTSKRDxuEOyuivKpApzway32 pgrJB0TfDtKV84ryjBcFTHGXXgHkTD5LBB/en9CpYDsYwQ85lMtCf2Lau+F4B7fN MZo4PlTzT+HwLuiDASsy2MVJ8Vgjdd8P1TB26xAyA0ug6NaYUFzIjjzGCbkPIm7a ctZA0GmyJVarGZ0jHhwfahOB4EQohGn4zdFh5vyVGm75U1W5Lw7Kjfb4yC9u7Lag R72892D3BKdsyeaclnCvdC/Pu4jOwQwBs6jfd7Vbo3gfQB2Qo0ZSpiXJ9W7TTxN7 dYn3L/ry3A+C0cVucdo1w+Kzk+dz/uOxiZSQgfZkdWro5M/7+WT9AUQMtZnWg3EF sCViWxscRN2hHi+VgxnQGNz8oSwy/DHXrQCcl6x3bKWhD0+naBQ= =WzL5 -----END PGP SIGNATURE-----
diff --git a/config/rootfiles/core/121/update.sh b/config/rootfiles/core/121/update.sh index 3ec251292..99c174156 100644 --- a/config/rootfiles/core/121/update.sh +++ b/config/rootfiles/core/121/update.sh @@ -60,7 +60,11 @@ rm -rvf \ sed -i /etc/ssh/sshd_config \ -e 's/^#SyslogFacility AUTH$/SyslogFacility AUTH/' \ -e 's/^#LogLevel INFO$/LogLevel INFO/' \ - -e 's/^#StrictModes .*$/StrictModes yes/' + -e 's/^#StrictModes .*$/StrictModes yes/' \ + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\ + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com\ + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\ + #RekeyLimit default none/' # Start services /etc/init.d/sshd restart diff --git a/lfs/openssh b/lfs/openssh index 7e8468ac9..3043501a2 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -96,6 +96,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ -e 's/^#StrictModes .*$/StrictModes yes/' \ + -e 's/^#RekeyLimit default none$/Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\ + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com\ + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\ + #RekeyLimit default none/' \ -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd index 7b4092d38..d7958e800 100644 --- a/src/initscripts/system/sshd +++ b/src/initscripts/system/sshd @@ -23,6 +23,18 @@ case "$1" in evaluate_retval done + # Make sure moduli file is properly present + # (https://stribika.github.io/2015/01/04/secure-secure-shell.html) + modulifile="/etc/ssh/moduli" + if [ ! -e "${modulifile}" ]; then + boot_mesg "Generating SSH moduli file (this may take a while)..." + + ssh-keygen -G /etc/ssh/moduli.all -b 4096 + ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all + mv /etc/ssh/moduli.safe /etc/ssh/moduli + rm -f /etc/ssh/moduli.all + fi + [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled boot_mesg "Starting SSH Server..." loadproc /usr/sbin/sshd