Ask the SysAdmin: Fixing Cipher and MAC SSH Security Problems

May 1st, 2016

We recently encountered a situation with a governmental client wherein their web site failed a routine Department of Homeland Security (DHS) security scan. The site is hosted on the cloud, and the only ports open are 22 (SSH) and 80 (HTTP). The vulnerability was found within SSH:

SSH Server CBC Mode Ciphers Enabled Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption. Description: The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. SSH Weak MAC Algorithms Enabled Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms. Description: The SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak.

To resolve this issue, a couple of configuration changes are needed. They both occurred in the /etc/ssh directory (in the Ubuntu 14.04.01 LTS distribution). First, add the following to sshd_config using vim or another command-line tool such as emacs:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
MACs hmac-sha1,hmac-ripemd160

I added these lines under this section:

RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys

Then, in ssh_config (note the missing “d” in the filename), I commented out the previous Ciphers and MACs lines and added my own:

# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
 Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
 # MACs hmac-md5,hmac-sha1,,hmac-ripemd160
 MACs hmac-sha1,hmac-ripemd160

You will then need to restart the ssh service: service ssh restart (possibly service sshd restart, depending on the distro). To test that the weak Cipher is no longer allowed, use this command to connect to the host:

ssh -vv -oCiphers=aes128-cbc,3des-cbc,blowfish-cbc <IP Address>

Then, to check the MAC:

ssh -vv -oMACs=hmac-md5 <IP Address>

You should get the following errors:

no matching cipher found: client aes128-cbc,3des-cbc,blowfish-cbc server aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour no matching mac found: client hmac-md5 server hmac-sha1,hmac-ripemd160

I also used this command to verify that I could still connect by specifying an allowed Cipher, in this case aes128-ctr:

ssh -vv -oCiphers=aes128-ctr,3des-cbc,blowfish-cbc <IP Address>

Thanks to the UITS Team for the info! Happy sys-admin-ing!

Adam Behnke

Adam is a mobile/web developer for Accella who has been developing telecom and web applications since the mid-90's, before the dot-com bust. With a heavy telecom background, Adam can speak fluently in 3GPP, ASN.1, SS7, and SIGTRAN as well.

Leave a Reply