Many Linux Administrators use ssh on a daily basis. Many of the ssh servers are in their default configuration. Not changing the default configuration puts the security of the server at risk. That is why it is important to follow a few simple configuration suggestions to reduce the risk.
SSH is a secure shell access to a Linux server. To ensure security, the default configuration provided by most distributions is not enough. SSH uses a number of cryptographic techniques to ensure that the information sent and received via ssh is secured. Over time some of those cryptographic methods have been proven insecure or not secure enough.
This article will show the configuration for a CentOS 6 server. As CentOS is a very conservative distribution, the OpenSSH client and server version is quite old. This does not necessarily mean that the ssh version is insecure or full of bugs as CentOS and RHEL developers still patch security issues in this “old” version.
So, why is there a new version? As some cryptographic methods over time were considered insecure or not secure enough, new cryptographic techniques where found and implemented. These new features are not backported to the “old” version of ssh used in CentOS. Depending on the version of ssh running on the server & client, different cryptographic methods are available. In modern ssh versions more secure methods are available while on older versions less of them are available.
Guides suggest and inform
Many Linux Administrators do not have the deep understanding of the math behind the cryptographic methods used – like me. Not understanding the math behind the cryptography is not an excuse for keeping the default configuration.
There is a lot of information available to secure an ssh server without the need to study cryptography for years. Here are a few of them.
* BetterCrypto.org – Applied Crypto Hardening
This website provides a easy to follow pdf to secure SSL/TLS and SSH. The pdf contains example configuration and explanation for a wide range of daemons from apache, nginx, OpneSSH in different versions, … and much, much more.
* Mozilla Wiki – Security/Guidelines/OpenSSH
This page from the Mozilla wiki focuses on ssh security only. It provides different configuration examples for the different versions of ssh used in different distributions. It also explains the use of Two-Factor authentication for ssh.
* Secure Secure Shell
This Guide focuses entirely on OpenSSH secure configuration. In this Guide a lot of easy to understand background information is provided to help understand why and where the different cryptographic methods are used. It describes as well why certain methods are excluded.
Without rating these sites and their suggested sshd configuration, the “Mozilla Wiki – Security/Guidelines/OpenSSH” instructions will be used to continue the sshd configuration.
The selected guide is separated into two sections for the up-to-date distributions and the conservative distributions like CentOS 6. Following the guide, add the following suggested configuration lines to the sshd config (/etc/ssh/sshd_config).
# Hardening SSH configuration KexAlgorithms ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 MACs hmac-sha2-512,hmac-sha2-256 Ciphers aes256-ctr,aes192-ctr,aes128-ctr
The other suggested options can be added to the sshd configuration as well if not already set. Before sshd is restarted, check the sshd config to be valid (-t) and show debug infos (-d) where the -d can be provided multiple times to show more details.
If the sshd configuration is not valid, the output will tell exactly which option and even the value that is invalid. In this example the “KexAlgorithms” contains the value “firstname.lastname@example.org” which is valid but not understood/supported by this version of OpenSSH.
sshd -t -dd debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 888 debug2: parse_server_config: config /etc/ssh/sshd_config len 888 debug2: mac_setup: found hmac-sha2-512 debug2: mac_setup: found hmac-sha2-256 Unsupported KEX algorithm "email@example.com" /etc/ssh/sshd_config line 147: Bad SSH2 KexAlgorithms 'firstname.lastname@example.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256'.
With a valid sshd config, the output will look like the following example.
$ sshd -t -dd debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 749 debug2: parse_server_config: config /etc/ssh/sshd_config len 749 debug2: mac_setup: found hmac-sha2-512 debug2: mac_setup: found hmac-sha2-256 debug1: sshd version OpenSSH_5.3p1 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA
After verifying the sshd configuration, the ssh daemon need to be restarted to activate the new configuration.
$ service sshd restart
Read more of my posts on my blog at https://blog.tinned-software.net/.