Hello everyone.. I am fairly new to the patching format.. so I just decided to
post some basic info
about how to remove the group1 and group14 Diffie-Hellman key exchange methods in OpenSSH.
I know that they are listed as required in RFC 4253 but I don't want a
client to have the choice
to use a 1024 bit prime for the key exchange. If someone is getting into my
system.. they should
upgrade to a new client. I am a fan of 8192 bit primes : )
I also give instructions to allow only RSA host auth keys because DSA only allows
1024 bit keys
(I am sleepy and don't want to look that up so maybe it is a different bit
size).
I am pretty sure (not 100 percent) that this does not affect the security of
OpenSSH. If anyone
out there wants to comment, please feel free.
Below is my basic explanation of what to change. It is just meant to show what
should change.
I do apologize for not using the patch format
and I also apologize if we are not supposed to post patch-like info. Also.. if
you do try to recompile..
you might need to change your Makefiles. All of these files are in /usr/src/ssh/
TO REMOVE GROUP1 and GROUP14
IN myproposal.h
/*
 * Stock key-exchange proposal as one comma-separated name-list: the two
 * group-exchange methods first, then the fixed group14 and group1 methods.
 * Of the two fixed groups, group1 is the 1024-bit one; group14 is the
 * 2048-bit MODP group.
 */
#define KEX_DEFAULT_KEX  "diffie-hellman-group-exchange-sha256," \
 "diffie-hellman-group-exchange-sha1," \
    "diffie-hellman-group14-sha1," \
    "diffie-hellman-group1-sha1"
CHANGE TO
/*
 * Proposal reduced to the two group-exchange methods.
 * NOTE(review): with group exchange the prime size is negotiated per
 * connection from the sizes the client requests and the groups in the
 * server's moduli file, so this edit alone does not rule out a 1024-bit
 * prime. Check that the moduli file holds no small groups and what minimum
 * size the server accepts (DH_GRP_MIN in the sources I know - confirm).
 */
#define KEX_DEFAULT_KEX  "diffie-hellman-group-exchange-sha256," \
 "diffie-hellman-group-exchange-sha1"
IN sshd.c
/*
 * Build the kex state from the proposal and register one handler per
 * exchange type: the two fixed-group types share kexdh_server, the two
 * group-exchange types share kexgex_server.
 */
kex = kex_setup(myproposal); 
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
/* Mark this side as the server end of the exchange. */
kex->server = 1;
CHANGE TO
/*
 * Same setup with the fixed-group handlers gone: only the group-exchange
 * types are registered. This has to go together with the kex.h enum change
 * shown further down, because the two removed indices no longer exist.
 */
kex = kex_setup(myproposal);
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
/* Mark this side as the server end of the exchange. */
kex->server = 1;
IN kex.h
/* Method names compared against the negotiated name in choose_kex(). */
#define KEX_DH1   "diffie-hellman-group1-sha1"
#define KEX_DH14  "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1  "diffie-hellman-group-exchange-sha1"
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
CHANGE TO
/*
 * Method names compared against the negotiated name in choose_kex(); the
 * group1 and group14 names are dropped so nothing can refer to them.
 */
#define KEX_DHGEX_SHA1  "diffie-hellman-group-exchange-sha1"
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
AND ALSO
/*
 * Exchange types, used as indices into the kex->kex[] handler table in the
 * sshd.c and monitor.c excerpts. KEX_MAX comes last, so its value is the
 * number of exchange types.
 */
enum kex_exchange {
 KEX_DH_GRP1_SHA1,
 KEX_DH_GRP14_SHA1,
 KEX_DH_GEX_SHA1,
 KEX_DH_GEX_SHA256,
 KEX_MAX
};
CHANGE TO
/*
 * Exchange types with the two fixed-group entries removed; the remaining
 * values shift down and KEX_MAX becomes 2.
 * NOTE(review): every other file that still names KEX_DH_GRP1_SHA1 or
 * KEX_DH_GRP14_SHA1 (the client side is not covered by this post) will stop
 * compiling until it is changed the same way.
 */
enum kex_exchange {
 KEX_DH_GEX_SHA1,
 KEX_DH_GEX_SHA256,
 KEX_MAX
};
IN kex.c
/*
 * Select the key-exchange method for this connection.
 *
 * k->name is set to whatever match_list() returns for the client and server
 * name-lists; a NULL result is fatal ("no kex alg"). The name is then mapped
 * to a kex_type and to the hash used with it: EVP_sha1() for group1, group14
 * and group-exchange-sha1, evp_ssh_sha256() for group-exchange-sha256.
 * A name matching none of the four is fatal as well ("bad kex alg").
 */
static void
choose_kex(Kex *k, char *client, char *server)
{
 k->name = match_list(client, server, NULL);
 if (k->name == NULL)
  fatal("no kex alg");
 if (strcmp(k->name, KEX_DH1) == 0) {
  k->kex_type = KEX_DH_GRP1_SHA1;
  k->evp_md = EVP_sha1();
 } else if (strcmp(k->name, KEX_DH14) == 0) {
  k->kex_type = KEX_DH_GRP14_SHA1;
  k->evp_md = EVP_sha1();
 } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) { 
  k->kex_type = KEX_DH_GEX_SHA1;
  k->evp_md = EVP_sha1(); 
 } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {  
  k->kex_type = KEX_DH_GEX_SHA256; 
  k->evp_md = evp_ssh_sha256();
 } 
 else
 fatal("bad kex alg %s", k->name);
}
CHANGE TO
/*
 * Select the key-exchange method, with the fixed-group branches removed.
 *
 * k->name is set to whatever match_list() returns for the client and server
 * name-lists; a NULL result is fatal ("no kex alg"). Only the two
 * group-exchange names are recognised: EVP_sha1() goes with
 * group-exchange-sha1 and evp_ssh_sha256() with group-exchange-sha256.
 * Any other name is fatal ("bad kex alg").
 *
 * NOTE(review): presumably match_list() only returns a name present in both
 * lists, so a client offering nothing but group1/group14 ends at
 * "no kex alg" once KEX_DEFAULT_KEX is trimmed - confirm against match_list().
 * NOTE(review): nothing here decides the size of the group-exchange prime;
 * that depends on the client's request and the server's moduli, so a small
 * prime is still possible unless those are restricted as well.
 */
static void
choose_kex(Kex *k, char *client, char *server)
{ 
 k->name = match_list(client, server, NULL);
 if (k->name == NULL)
  fatal("no kex alg");
 if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
  k->kex_type = KEX_DH_GEX_SHA1;
  k->evp_md = EVP_sha1();
 } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) { 
  k->kex_type = KEX_DH_GEX_SHA256;
  k->evp_md = evp_ssh_sha256();
 } 
 else
 fatal("bad kex alg %s", k->name);
}
IN monitor.c
/*
 * The monitor side fills in its own kex state: we_need is read as an integer
 * from buffer m, then the same four handlers are registered as in sshd.c.
 */
kex->we_need = buffer_get_int(m);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
/* Mark this side as the server end of the exchange. */
kex->server = 1;
CHANGE TO
/*
 * Monitor-side setup with the fixed-group handlers removed. It must stay in
 * step with the sshd.c change above: both places index kex->kex[] with the
 * same enum, and the two removed indices are gone from it.
 */
kex->we_need = buffer_get_int(m);
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
/* Mark this side as the server end of the exchange. */
kex->server = 1;
TO REMOVE DSA HOST KEY
IN servconf.c
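/*
 * When protocol 2 is enabled, append the RSA and then the DSA host key path
 * to the list of host key files, bumping num_host_key_files for each.
 * (The "=" of both assignments was missing from the posted text.)
 */
if (options->protocol & SSH_PROTO_2) {
 options->host_key_files[options->num_host_key_files++] =
     _PATH_HOST_RSA_KEY_FILE;
 options->host_key_files[options->num_host_key_files++] =
     _PATH_HOST_DSA_KEY_FILE;
}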
CHANGE TO
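/*
 * When protocol 2 is enabled, append only the RSA host key path; the DSA
 * entry is dropped. (The "=" of the assignment was missing from the posted
 * text.)
 * NOTE(review): this looks like the compiled-in default list, used when
 * sshd_config names no host key. If so, a single HostKey line in sshd_config
 * pointing at the RSA key should give the same result without patching -
 * confirm for your version.
 * NOTE(review): the author's size concern holds for OpenSSH-generated DSA
 * keys, which ssh-keygen creates at 1024 bits only. The RSA key is only as
 * strong as the size it was generated with, so check that too.
 */
if (options->protocol & SSH_PROTO_2) {
 options->host_key_files[options->num_host_key_files++] =
     _PATH_HOST_RSA_KEY_FILE;
}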
/etc/rc
REMOVE LINES ABOUT GENERATING THE UNWANTED KEYS AT STARTUP (can't print the lines
because
I already deleted them.. sorry)