Need a way to disable SSH Cipher

jcouillardboreal-is.com

As per requirement for our production site, CBC and RC4 mode for SSH must be denied.
Every time I edit /etc/ssh/sshd_config it last only until a reboot or a reconfiguration of the SSHd daemon.
Is there a way to make that change permanent ?

Thanks

johnpoz

You might be able to include your config in the sshd_extra file that is loaded from /etc/ to do stuff to the config that survives reboot.  This is where you can banner cmd for example.

jcouillardboreal-is.com

Hi Johnpoz,
Thanks for the reply. But the file is not present, and if I create it and put "Ciphers aes128-ctr,aes256-ctr" in it while the sshd_config is back at it's regular state (with Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc as the first line). When I test for CBC or RC4 mode the are still present, so the override does not work.

I'm using pfSense 2.3

Thanks again

johnpoz

yeah you have to create it..  It is loaded after the config

      /* Apply package SSHDCond settings if config file exists */
        if (file_exists("/etc/sshd_extra")) {
                $fdExtra = fopen("/etc/sshd_extra", 'r');
                $szExtra = fread($fdExtra, 1048576); // Read up to 1MB from extra file
                $sshconf .= $szExtra;
                fclose($fdExtra);
        }

So yeah changing something that is done in the config might not work..  Pretty sure you would have to edit the /etc/sshd file

it has the stuff that is put in the config

/* Include default configuration for pfSense */
        $sshconf = "# This file is automatically generated at startup\n";
        $sshconf .= "Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc\n";

But this would most likely get put back next time pfsense updates.

Best solution to this stuff would be feature request for pfsense to be able to pick the ciphers from the gui.  But an edit of this file should do what you want until you update pfsense again and this file gets changed..

heper

yeah best create a PR against master or releng_2_3

below could be stored in config & adjustable by GUI
https://github.com/pfsense/pfsense/blob/master/src/etc/sshd#L102

johnpoz

Curious are you allowing ssh from the public to pfsense?  Or is this internal access only?  Normally only ones that should be able to access pfsense admin be it gui or ssh should be locked to admin devices anyway.  Having to restrict specific ciphers that can be used seems a bit over the top..  But the ability to easy change this along with the ssl/tls algo used in the web gui sure are some nice bells and whistles ;)

jcouillardboreal-is.com

The file was put under /etc/ssh which is incorrect. Once moved under /etc/ i've restarted SSHd and the line Ciphers get appended to the file, so it create a double definition of that parameter and the first one seem to be used. (i use the nmap script ssh2-enum-algos.nse to test it).

I'll go for that feature request. +1 for the inclusion of the same concept but for the webgui when on https is a good idea.

And for your question SSHd is allowed only for a specific subset of IPs and password logon are denied.

How can I ask for that feature ? Newbie here on the forum.

Thanks

johnpoz

bounty section is where you normally ask for something ;)

You can edit the /etc/sshd file do have it do whatever ciphers want that would be quick fix until/if a way gets put into do it from the qui.

I just edited mine so I could use the new chacha20 ;)  kept meaning to do this, this thread got my fire started ;)

So you can see big bang zoom and there you go

debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit>compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit>compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:iLeLI4NVkAcglcXPyBw44OgCt4JmJdewn8cUhgEpfK0
debug1: Host 'pfsense.local.lan' is known and matches the ECDSA host key.

edit /etc/sshd

$sshconf .= "Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n";
$sshconf .= "KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\n";
$sshconf .= "MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com\n";

```</implicit></implicit>

jcouillardboreal-is.com

Terrific, thanks a lot.

CloudJourneyman

+1 for this being a feature in the GUI for selecting SSH and WebUI Ciphers and SSL/TLS versions.

Did you end up requesting it in the bounty section couillard45682? If so, perhaps post the link in this thread so everyone can find it and give it a bump.