Symptoms

The following security vulnerability has been reported in the Security Scan Report. Title: SSH Server Public Key Too Small Results: Algorithm Length ssh-rsa 1024 bit Threat: The SSH protocol (Secure Shell) is a method for secure remote login from one computer to another. The SSH Server is using a small Public Key. Best practices require that RSA digital signatures be 2048 or more bits long to provide adequate security. Key lengths of 1024 are acceptable through 2013, but since 2011 they are considered deprecated. For more information, please refer to NIST Special Publication 800-131A (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf). Only server keys that are not part of a certificate are reported in this QID. QID: 38739 Title: Deprecated SSH Cryptographic Settings Results: Type Name key exchange diffie-hellman-group1-sha1 cipher arcfour256 cipher arcfour128 cipher 3des-cbc cipher blowfish-cbc cipher cast128-cbc cipher arcfour Threat: The target is using deprecated SSH cryptographic settings to communication

Cause

The SSH Public Key is configured by default with 1024 bits instead of 2048 bits, and may be using deprecated SSH Cryptographic Settings.

Resolution

1. Log in to the Avamar Utility Node as admin. 2. Elevate to root privilege. 3. Determine which ciphers might be used: cat /etc/ssh/sshd_config | grep -i ciphers Sample output: # Ciphers and keying Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc 4. Run the following command to then confirm which ciphers are used: ssh -Q cipher Sample output: 3des-cbc blowfish-cbc cast128-cbc arcfour arcfour128 arcfour256 aes128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com chacha20-poly1305@openssh.com 5. Make a backup copy of the /etc/ssh/sshd_config file: cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.`date +%y%m%d` 6. Using vi, edit the /etc/ssh/sshd_config file: vi /etc/ssh/sshd_config 7. Make the following changes: a. Remove any of deprecated SSH cryptographic settings listed in the security scan report. In this example, the ones listed below: cipher arcfour256 cipher arcfour128 cipher 3des-cbc cipher blowfish-cbc cipher cast128-cbc cipher arcfour b. Change the following parameter from 1024 to 2048: ServerKeyBits 2048 c. Remove the comments on these lines to specify which keys SSH is going to use: HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key 8. Check the size of each of these keys: ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub Sample output: 2048 82:4e:33:4a:1f:e6:81:7f:ef:c7:4c:1f:c7:b2:ce:59 [MD5] root@linux-host1 (RSA) ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub Sample output: 256 a9:2b:e7:0b:ab:0b:be:2f:d4:9b:6c:2d:6c:fb:3d:e9 [MD5] root@linux-host1 (ECDSA) ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub Sample output: 256 65:c5:1e:1c:ac:a3:7c:05:90:21:a3:3c:7e:d6:d4:bd [MD5] root@linux-host1 (ED25519) If the sizes are lower than the output above, new keys must be generated. If required, run the applicable command for the key or keys to generate: sudo ssh-keygen -N '' -b 2048 -t rsa -f /etc/ssh/ssh_host_rsa_key sudo ssh-keygen -N '' -b 256 -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key sudo ssh-keygen -N '' -b 256 -t ed25519 -f /etc/ssh/ssh_host_ed25519_key Confirm any key overwrites: Generating public/private rsa key pair. /etc/ssh/ssh_host_rsa_key already exists. Overwrite (y/n)? y Your identification has been saved in /etc/ssh/ssh_host_rsa_key. Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub. The key fingerprint is: 47:60:91:14:b1:15:6e:6d:ea:e9:36:37:31:08:d3:69 root@vmtest-debian8 The key's randomart image is: +---[RSA 2048]----+ | .B=o. | | ..= . | | ..+.o | | ooEo | | S+o. | | o..o | | o o | | .o o | | ..o . | +-----------------+ 9. Verify that the configuration does not contain any errors: sshd -t There should be no output. If there are errors, correct them before proceeding. 10. Restart the sshd service: service sshd restart 11. To check which ciphers are being accepted after applying these changes, run the following command against each cipher listed previously: ssh -c "cipher_name" localhost If the cipher is being accepted, the output should match Appendix AIf the cipher is being denied, the output should match Appendix B

Support Cases