Jan 08

Hardening SSH in EL6

So I’ve been a bit paranoid of late when reading of the actions of the NSA – and looking at the default configs of sshd that ship with distros like EL6, there is a lot that can be done – however it requires updating to a newer openssh version than the ones that ship with EL6.

I now build openssh (currently v6.7p1) in my testing repo: http://au1.mirror.crc.id.au/repo/el6-testing/x86_64/

After installing this, I use the following to change options as required for ‘best practices’. A lot of these come from here. There is a bit more discussion on this by Aaron Toponce.

Firstly, remove existing SSH server keys and only create the following two. Also set AUTOCREATE_SERVER_KEYS=NO in /etc/sysconfig/sshd to stop missing keys being automatically recreated on start.
cd /etc/ssh/
rm -f ssh_host_*key*
echo AUTOCREATE_SERVER_KEYS=NO > /etc/sysconfig/sshd
ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null ssh-keygen -t rsa -b 16384 -f ssh_host_rsa_key < /dev/null

Then add some config to /etc/sshd/sshd_config. If you have any Match blocks, this needs to come before them. If not, add the following to /etc/sshd/sshd_config:
## Change key exchange preferences to pick secure methods.
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key

Then eventually restart the sshd service:
service sshd restart

Remember to always keep an SSH session open to a server as you do these – as if you get it wrong, a failed start of sshd may lock you out of that system!

1 comment

    • Attila the Tim on January 8, 2015 at 3:49 pm
    • Reply

    You might want verify stribika’s logic before you follow his advice.
    For example his pick of a elliptic curve that isn’t know to have come from NIST might have the same issue as the ones from NIST.

    I expect that using public keys is what the NSA was bring about seeing that everything else in the same documents were based on the same concept. It is also quite clear that they have the core certs for everyone’s ssl.

Leave a Reply

Your email address will not be published.