similar to: [Bug 2334] New: Warn when weak Ciphers are used

2015 Jan 07
4
[Bug 2333] New: forbid old Ciphers, KexAlgorithms and MACs by default
https://bugzilla.mindrot.org/show_bug.cgi?id=2333 Bug ID: 2333 Summary: forbid old Ciphers, KexAlgorithms and MACs by default Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:
2016 Oct 19
2
SSH Weak Ciphers
On 19.10.2016 at 00:58, Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 10/18/2016 03:28 PM, Clint Dilks wrote: >> So first >> question is are people generally modifying the list of ciphers supported by >> the ssh client and sshd? > > I suspect that "generally" people are not. I do, because I can, and so that I can offer at least some advice
2016 Oct 18
7
SSH Weak Ciphers
Hi, In a recent security review some systems I manage were flagged due to supporting "weak" ciphers, specifically the ones listed below. So first question is are people generally modifying the list of ciphers supported by the ssh client and sshd? On CentOS 6 currently it looks like if I remove all the ciphers they are concerned about then I am left with Ciphers
2016 Oct 19
1
SSH Weak Ciphers
Once upon a time, Erik Laxdal <elaxdal at ece.uvic.ca> said: > The supported KexAlgorithms, Ciphers, and MACs are generally listed > in the sshd_config man page. So 'man sshd_config' then look for the > section of the item of interest. Note that the man page does not always match the actual compiled binary (the build process does not update the man page to match
2015 Apr 28
1
Disable weak ciphers in vnc_tls
Dear libvirt team, we are currently in a pci-dss certification process and our security scanner found weak ciphers in the vlc_tls service on our centos6 box: When I scan using sslscan I can see that sslv3 and rc4 is accepted: inf0rmix@tardis:~$ sslscan myhost:16514 | grep Accepted Accepted SSLv3 256 bits DHE-RSA-AES256-SHA Accepted SSLv3 256 bits AES256-SHA Accepted SSLv3 128
2016 Oct 18
0
SSH Weak Ciphers
On 10/18/2016 03:28 PM, Clint Dilks wrote: > So first > question is are people generally modifying the list of ciphers supported by > the ssh client and sshd? I suspect that "generally" people are not. I do, because I can, and so that I can offer at least some advice to people who aim to do so. > On CentOS 6 currently it looks like if I remove all the ciphers they are
2016 Oct 19
0
SSH Weak Ciphers
On 2016-10-19 03:11, Leon Fauster wrote: > Is there any command to find the supported list of KeyAlgos, MACs and > Ciphers for > the particular system (e.g. EL{5,6,7})? Similar to $ openssl ciphers > -v ... The supported KexAlgorithms, Ciphers, and MACs are generally listed in the sshd_config man page. So 'man sshd_config' then look for the section of the item of
2004 Apr 23
3
SSL Ciphers
I have dovecot running as a pop3s server on port 995 it works great with sendmail and I run nessus to check security issues nessus reports this The SSLv2 server offers 3 strong ciphers, but also 0 medium strength and 2 weak "export class" ciphers. The weak/medium ciphers may be chosen by an export-grade or badly configured client software. They only offer a limited protection against
2016 Oct 19
2
SSH Weak Ciphers
On 10/19/2016 08:30 AM, Leonard den Ottolander wrote: > Where did you get the idea that AES (~ Rijndael) is a weak cipher? It's not the cipher, but the mode. CBC has several known weaknesses in TLS, and is frequently regarded as potentially insecure as a result. https://www.openssl.org/~bodo/tls-cbc.txt
2016 Oct 19
0
SSH Weak Ciphers
Hello Gordon, On Wed, 2016-10-19 at 10:31 -0700, Gordon Messmer wrote: > On 10/19/2016 08:30 AM, Leonard den Ottolander wrote: > > Where did you get the idea that AES (~ Rijndael) is a weak cipher? > > > It's not the cipher, but the mode. CBC has several known weaknesses in > TLS, and is frequently regarded as potentially insecure as a result. > >
2016 Oct 19
0
SSH Weak Ciphers
Hello Clint, On Wed, 2016-10-19 at 11:28 +1300, Clint Dilks wrote: > The following weak client-to-server encryption algorithms are supported by > the remote service: > rijndael-cbc at lysator.liu.se > arcfour256 > arcfour128 > aes256-cbc > 3des-cbc > aes192-cbc > blowfish-cbc > cast128-cbc > arcfour > aes128-cbc Where did you get the idea that AES (~ Rijndael)
2014 Dec 02
2
disabling certain ciphers
Can you use both ssl_protocols *and* ssl_cipher_list in the same config (in a way that's sane)? ssl_protocols (>= 2.1) and ssl_cipher_list co-exist, or are they mutually exclusive? I have a Dovecot 2.2.13 system, and I tried setting: I also tried things like ssl_cipher_list = HIGH or ssl_cipher_list = HIGH:!MEDIUM:!LOW however, doing this seems to make v3 still work unless I
2019 Sep 30
4
Change ciphers on samba
Hello, I do vulnerability test on my infrastructure, and I get report about weak ciphers on samba services, is it possible to set stronger ciphers for samba? On old samba3 that was possible to set "ssl ciphers" in smb.conf, but now I don't see any documentation how to change it. Is it possible, if so, how? -- Arkadiusz Karpiński Efinity Sp. z o.o. 02-672 Warszawa, ul.
2013 Jul 16
1
curl ciphers name mapping openssl to curl format?
Hi All. In curl manual: --ciphers -> "(SSL) Specifies which ciphers to use in the connection. The list of ciphers must specify valid ciphers. Read up on SSL cipher list details on this URL:http://www.openssl.org/docs/apps/ciphers.html" In openssl: http://www.openssl.org/docs/apps/ciphers.html#CIPHER_SUITE_NAMES there are names such as "SSL_RSA_WITH_RC4_128_SHA RC4-SHA" but
2016 Oct 19
0
SSH Weak Ciphers
Alice Wonder wrote: > On 10/19/2016 11:34 AM, Leonard den Ottolander wrote: >> Hello Gordon, >> > *snip* >> >> Personally I would be more concerned whether or not to enable ECDSA >> algorithms (https://blog.cr.yp.to/20140323-ecdsa.html). >> > For web server ECDSA certs is currently a concern because the only > curves with popular support across
2016 Oct 20
0
SSH Weak Ciphers
Hello Alice, On Wed, 2016-10-19 at 13:40 -0700, Alice Wonder wrote: > On 10/19/2016 11:34 AM, Leonard den Ottolander wrote: > > Personally I would be more concerned whether or not to enable ECDSA > > algorithms (https://blog.cr.yp.to/20140323-ecdsa.html). > For web server ECDSA certs is currently a concern because the only > curves with popular support across browsers have
2016 Oct 20
0
SSH Weak Ciphers
Hello Alice, On Wed, 2016-10-19 at 14:22 -0700, Alice Wonder wrote: > I formerly used secp521r1 but suddenly Google with no warning stopped > supporting it in chrome. That company is too powerful. Actually this is something the NSA insists on:
2012 Apr 15
1
Legacy MACs and Ciphers: Why?
Why are legacy MACs (like md5-96), and legacy Ciphers (anything in cbc-mode, arcfour*(?)) enabled by default? My proposal would be to change the defaults for ssh_config and sshd_config to contain: MACs hmac-sha2-256,hmac-sha2-512,hmac-sha1 Ciphers aes128-ctr,aes192-ctr,aes256-ctr ...removing md5, truncated versions of sha1, umac64 (for which I can find barely any review), any cipher in cbc
2014 Jun 06
1
Patch: Ciphers, MACs and KexAlgorithms on Match
Hi all, this is a patch to make Ciphers, MACs and KexAlgorithms available in Match blocks. Now I can reach a -current machine with some Android terminal app without changing the default ciphers for all clients: Match Address 192.168.1.2 Ciphers aes128-cbc MACs hmac-sha1 KexAlgorithms diffie-hellman-group-exchange-sha1 Index: servconf.c
2009 Feb 26
2
openssh and SSLv2 ciphers
Hi, I am trying to confirm that openssh transmissions do not use any kind of SSLv2 ciphers. I have glanced through the code briefly, and I did not find any indication that any openssl ciphers are even being used (it appears that openssl is used primarily for RSA key generation and select other things). So openssh uses its own built-in ciphers instead, right? Thanks for the assistance, Steven