[CentOS] SSH Weak Ciphers

Tue Oct 18 22:58:05 UTC 2016
Gordon Messmer <gordon.messmer at gmail.com>

On 10/18/2016 03:28 PM, Clint Dilks wrote:
> So first
> question is are people generally modifying the list of ciphers supported by
> the ssh client and sshd?

I suspect that "generally" people are not.  I do, because I can, and so 
that I can offer at least some advice to people who aim to do so.

> On CentOS 6 currently it looks like if I remove all the ciphers they are
> concerned about then I am left with Ciphers
> aes128-ctr,aes192-ctr,aes256-ctr for both /etc/ssh/sshd_config and
> /etc/ssh/ssh_config.

If you're going to go down this road, you should probably look at key 
exchanges and HMACs as well.  On CentOS 7, I use:

KexAlgorithms 
curve25519-sha256 at libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
Ciphers 
chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs 
hmac-sha2-512-etm at openssh.com,hmac-sha2-256-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128 at openssh.com

On CentOS 6, I believe you'd have to drop all of the @openssh.com items.

> Is just using these three ciphers like to cause me
> any problems?  Could having so few ciphers be creating a security concern
> itself?

I don't think it'd be a security concern, just compatibility issues.  So 
far, I've had minimal problems with restricted algorithms.  I do have to 
make an exception for a slightly old WD MyBook World edition.