Dzahn has uploaded a new change for review. https://gerrit.wikimedia.org/r/185321
Change subject: sshd: don't use NIST key exchange protocols
......................................................................

sshd: don't use NIST key exchange protocols

quote from http://stribika.github.io/2015/01/04/secure-secure-shell.html

<quote>
OpenSSH supports 8 key exchange protocols:

curve25519-sha256: ECDH over Curve25519 with SHA2
diffie-hellman-group1-sha1: 1024 bit DH with SHA1
diffie-hellman-group14-sha1: 2048 bit DH with SHA1
diffie-hellman-group-exchange-sha1: Custom DH with SHA1
diffie-hellman-group-exchange-sha256: Custom DH with SHA2
ecdh-sha2-nistp256: ECDH over NIST P-256 with SHA2
ecdh-sha2-nistp384: ECDH over NIST P-384 with SHA2
ecdh-sha2-nistp521: ECDH over NIST P-521 with SHA2

We have to look at 3 things here:

ECDH curve choice: This eliminates 6-8 because NIST curves suck. They leak secrets through timing side channels and off-curve inputs. Also, NIST is considered harmful and cannot be trusted.
Bit size of the DH modulus: This eliminates 2 because the NSA has supercomputers and possibly unknown attacks. 1024 bits simply don’t offer sufficient security margin.
Security of the hash function: This eliminates 2-4 because SHA1 is broken.

We are left with 1 and 5. 1 is better and it’s perfectly OK to only support that but for interoperability, 5 can be included.
</quote>

Change-Id: I7413e1ca49167eceb5d633582d412dee59fb7b46
---
M modules/ssh/templates/sshd_config.erb
1 file changed, 2 insertions(+), 0 deletions(-)

git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/21/185321/1

diff --git a/modules/ssh/templates/sshd_config.erb b/modules/ssh/templates/sshd_config.erb index e86c799..8f8dc72 100644 --- a/modules/ssh/templates/sshd_config.erb +++ b/modules/ssh/templates/sshd_config.erb 
@@ -20,6 +20,8 @@ #Privilege Separation is turned on for security UsePrivilegeSeparation yes +KexAlgorithms [email protected],diffie-hellman-group-exchange-sha256 + # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 1024 -- To view, visit https://gerrit.wikimedia.org/r/185321 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I7413e1ca49167eceb5d633582d412dee59fb7b46 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Dzahn <[email protected]> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
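Review bot: the added KexAlgorithms line, placed right after UsePrivilegeSeparation yes in modules/ssh/templates/sshd_config.erb, is emitted unconditionally, so every host that receives this template must run an sshd that recognises both listed algorithms. The curve25519 key exchange only exists in OpenSSH 6.5 and later, and sshd refuses to start when KexAlgorithms names an algorithm it does not know, so on an older host this change would take SSH down instead of hardening it. The context lines still carry protocol 1 settings (KeyRegenerationInterval 3600, ServerKeyBits 1024), so it is worth confirming which OpenSSH versions this template is rendered for. Suggest wrapping the line in an ERB conditional on the installed OpenSSH version, validating the rendered file with sshd -t before the service is restarted, and giving the directive its own comment as the neighbouring directives have. Separately, the commit message rules out 1024 bit DH, but diffie-hellman-group-exchange-sha256 takes its modulus from the server's moduli file, which this one-file change does not touch.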
