In this post we will look at how to change ssh encryption ciphers and how to determine what the remote host supports.
Here’s a snippet from log buffer from a cisco IOS router that has ssh logging enabled
( ip ssh logging events )
(AES128)
Apr 1
13:31:16.433 UTC: %SSH-5-SSH2_SESSION: SSH2 Session request from
192.0.2.1(tty = 0) using crypto cipher 'aes128-cbc', hmac 'hmac-md5'
Succeeded
Apr 1
13:31:19.877 UTC: %SSH-5-SSH2_USERAUTH: User 'kfelix' authentication
for SSH2 Session from 192.0.2.1(tty = 0) using crypto cipher
'aes128-cbc', hmac 'hmac-md5' Succeeded
(3DES)
Apr 1
13:33:52.922 UTC: %SSH-5-SSH2_SESSION: SSH2 Session request from
192.0.2.1(tty = 1) using crypto cipher '3des-cbc', hmac 'hmac-md5'
Succeeded
Apr 1
13:33:56.366 UTC: %SSH-5-SSH2_USERAUTH: User 'kfelix' authentication
for SSH2 Session from 192.0.2.1(tty = 1) using crypto cipher '3des-cbc',
hmac 'hmac-md5' Succeeded
(AES192)
Apr 1
13:39:00.288 UTC: %SSH-5-SSH2_SESSION: SSH2 Session request from
192.0.2.1(tty = 1) using crypto cipher 'aes192-cbc', hmac 'hmac-md5'
Succeeded
Apr 1
13:39:03.616 UTC: %SSH-5-SSH2_USERAUTH: User 'kfelix' authentication
for SSH2 Session from 192.0.2.1(tty = 1) using crypto cipher
'aes192-cbc', hmac 'hmac-md5' Succeeded
(AES256)
Apr 1
13:40:01.484 UTC: %SSH-5-SSH2_SESSION: SSH2 Session request from
192.0.2.1(tty = 1) using crypto cipher 'aes256-cbc', hmac 'hmac-md5'
Succeeded
Apr 1
13:40:04.888 UTC: %SSH-5-SSH2_USERAUTH: User 'kfelix' authentication
for SSH2 Session from 192.0.2.1(tty = 1) using crypto cipher
'aes256-cbc', hmac 'hmac-md5' Succeeded
And if you specify a cipher that’s not supported you will get the following;
Apr 1 13:35:17.543 UTC: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.0.2.1(tty = 1) using crypto cipher '', hmac '' Failed
Apr 1 13:35:17.543 UTC: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.0.2.1(tty = 1) for user '' using crypto cipher '', hmac '' closed
Apr 1 13:35:34.475 UTC: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.0.2.1(tty = 1) using crypto cipher '', hmac '' Failed
Apr 1 13:35:34.475 UTC: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.0.2.1(tty = 1) for user '' using crypto cipher '', hmac '' closed
Okay so how did we change our ssh client cipher? Easy we used the “-c <cipher>” option;
ssh -c aes192-cbc 192.0.2.222
The above would used a 192 bit key. Now is bigger always better is a decision you have to make :)
Also with ssh & depending on the server, we might support the close 2nd place contender, in the cook off for the new encryption standard proposal, ( blowfish )
guadal:~ kfelix$ ssh -c blowfish-cbc 127.0.0.1
Password:
Password:
Last login: Mon Apr 1 09:33:39 2013
See how easy it is to change the ciphers ?
So
remember you have choices for supported ciphers. With cisco, the end
device ios version, platform type and model-type, will determine what’s
supported. But 3des, aes128 and aes256 are the most common.
From my experience, most cisco routers do not support blowfish and this is also hit and miss with JunOS.
To control the support cipher type within Linux (
unix ) and those that use OpenSSH, it’s quite easy. You specify the
Cipher and the cipher list in your sshd_config.
e.g ( from the man pages )
Ciphers Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. The supported ciphers are "3des-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc", "aes128-ctr", "aes192-ctr", "aes256-ctr", "arcfour128", "arcfour256", "arcfour", "blowfish-cbc", and "cast128-cbc".
The default is ''aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, aes256-cbc,arcfour''
Here's how I changed my server to only support sshd and with the blowfish cipher;
Echo “Ciphers blowfish-cbc,” >> sshd_config
And
cat sshd*config | grep Ciphers
Ciphers blowfish-cbc,
And now if I try anything but blowfish, it will fail;
PETRA01:~ kfelix$ ssh -c aes128-cbc 127.0.0.1
no matching cipher found: client aes128-cbc server blowfish-cbc,
PETRA01:~ kfelix$ ssh -c 3des-cbc 127.0.0.1
no matching cipher found: client 3des-cbc server blowfish-cbc,
but with blowfish works;
PETRA01:~ kfelix$ ssh -c blowfish-cbc 127.0.0.1
Password:
Password:
Last login: Mon Apr 1 09:59:12 2013 from localhost
PETRA01:~ kfelix$
So if your having a problem with SSH access, then change the client cipher or find out what the server supports.
more can be found here;
http://www.openssh.org/features.html
note:You can also use tshark/wireshark and the display filters for monitoring of cipher exchanges.
ssh.compression_algorithms_server_to_client
ssh.compression_algorithms_client_to_server
SSH Protocol
SSH Version 2 (encryption:aes128-ctr mac:hmac-md5 compression:none)
Packet Length: 700
Padding Length: 7
Key Exchange
Msg code: Key Exchange Init (20)
Algorithms
Cookie: 8f542d94233f82d8bb80452e4cfe6e21
kex_algorithms length: 89
kex_algorithms string: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
server_host_key_algorithms length: 15
server_host_key_algorithms string: ssh-rsa,ssh-dss
encryption_algorithms_client_to_server length: 157
encryption_algorithms_client_to_server string: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
encryption_algorithms_server_to_client length: 157
encryption_algorithms_server_to_client string: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
mac_algorithms_client_to_server length: 85
mac_algorithms_client_to_server string: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
mac_algorithms_server_to_client length: 85
mac_algorithms_server_to_client string: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
compression_algorithms_client_to_server length: 21
compression_algorithms_client_to_server string: none,zlib@openssh.com
compression_algorithms_server_to_client length: 21
compression_algorithms_server_to_client string: none,zlib@openssh.com
languages_client_to_server length: 0
languages_server_to_client length: 0
KEX First Packet Follows: 0
Reserved: 00000000
Padding String: 00000000000000
more can be found here;
http://www.openssh.org/features.html
note:You can also use tshark/wireshark and the display filters for monitoring of cipher exchanges.
ssh.compression_algorithms_server_to_client
ssh.compression_algorithms_client_to_server
SSH Protocol
SSH Version 2 (encryption:aes128-ctr mac:hmac-md5 compression:none)
Packet Length: 700
Padding Length: 7
Key Exchange
Msg code: Key Exchange Init (20)
Algorithms
Cookie: 8f542d94233f82d8bb80452e4cfe6e21
kex_algorithms length: 89
kex_algorithms string: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
server_host_key_algorithms length: 15
server_host_key_algorithms string: ssh-rsa,ssh-dss
encryption_algorithms_client_to_server length: 157
encryption_algorithms_client_to_server string: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
encryption_algorithms_server_to_client length: 157
encryption_algorithms_server_to_client string: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
mac_algorithms_client_to_server length: 85
mac_algorithms_client_to_server string: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
mac_algorithms_server_to_client length: 85
mac_algorithms_server_to_client string: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
compression_algorithms_client_to_server length: 21
compression_algorithms_client_to_server string: none,zlib@openssh.com
compression_algorithms_server_to_client length: 21
compression_algorithms_server_to_client string: none,zlib@openssh.com
languages_client_to_server length: 0
languages_server_to_client length: 0
KEX First Packet Follows: 0
Reserved: 00000000
Padding String: 00000000000000
Ken Felix
Freelance Network/Security Engineer
Kfelix a-t hyperfeed d-o-t com
No comments:
Post a Comment