Difference between revisions of "Ciphers How To Guide"

From Swivel Knowledgebase
Jump to: navigation, search
(Update)
 
(8 intermediate revisions by the same user not shown)
Line 11: Line 11:
  
 
== Update ==
 
== Update ==
'''Wednesay 30th May 2018''' Hmac-ripemd160 is considered weak and removed from sshd_config.
+
'''Wednesay 30th May 2018''' The following default ciphers have been considered weak/medium: arcfour256,arcfour128,aes128-cbc,3des-cbc
  
Some changes have been made on sshd_config to harder the SSH ciphers:
+
You will need to update /etc/ssh/sshd_config to harder the SSH ciphers:
  
 +
'''MACs hmac-sha2-256,hmac-sha2-512'''
 +
 +
'''Ciphers aes128-ctr,aes192-ctr,aes256-ctr'''
 +
 +
'''HostKey /etc/ssh/ssh_host_rsa_key'''
 +
 +
'''KexAlgorithms diffie-hellman-group-exchange-sha256'''
  
'''MACs hmac-sha2-256,hmac-sha2-512
 
Ciphers aes128-ctr,aes192-ctr,aes256-ctr'''
 
 
 
'''HostKey /etc/ssh/ssh_host_rsa_key
 
KexAlgorithms diffie-hellman-group-exchange-sha256 6'''
 
  
 
This is based on next article [https://infosec.mozilla.org/guidelines/openssh#Configuration infosec.mozilla.org/guidelines/openssh#Configuration]
 
This is based on next article [https://infosec.mozilla.org/guidelines/openssh#Configuration infosec.mozilla.org/guidelines/openssh#Configuration]

Latest revision as of 09:01, 2 July 2019


Overview

By default, a Swivel appliance supports a number of 40- and 56-bit SSL encryption ciphers, in addition to 128-bit ciphers.

In order to disable the weak encryption algorithms, ensure that you apply the Tomcat Ciphers patch on all Swivel Servers. Alternatively, you can enforce 128-bit encryption manually, by modifying the Tomcat configuration to specify which ciphers are permissible on each instance of Swivel.

For instructions on how to apply the Tomcat Ciphers patch - please click the How To Guide

Update

Wednesay 30th May 2018 The following default ciphers have been considered weak/medium: arcfour256,arcfour128,aes128-cbc,3des-cbc

You will need to update /etc/ssh/sshd_config to harder the SSH ciphers:

MACs hmac-sha2-256,hmac-sha2-512

Ciphers aes128-ctr,aes192-ctr,aes256-ctr

HostKey /etc/ssh/ssh_host_rsa_key

KexAlgorithms diffie-hellman-group-exchange-sha256


This is based on next article infosec.mozilla.org/guidelines/openssh#Configuration


Thursday 1st October 2015 The weak Diffie-Hellman keys are also affecting Mobile Provisioning and Update Keys (predominantly on Android). Aswell as affecting Swivel Admin Console Access on Google Chrome and Firefox.

Tuesday 29th September 2015 A patch file that removes all weak ciphers, including the Diffie-Hellman keys has been publically released.

Only the patch can be applied on 2.0.x and 2.1 Appliances.

Please download the Tomcat Ciphers patch here and follow the instructions on how to apply the patch.

Friday 25th September 2015 CVE-2015-2808 reports that RC4 cyphers are now deprecated. The list of supported ciphers has been updated to reflect this.

The list of useable ciphers below has been updated to remove those vulnerable to the logjam vulnerability.

Friday 4th September 2015 There is a known issue, whereby updating Google Chrome (v45) and Mozilla Firefox (v39) no longer supports a weak ephemeral Diffie-Hellman public key. To resolve, the matter, you will need to update the server.xml by following the below section.

The weak Ciphers are:

  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA
  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  • SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  • SSL_RSA_WITH_RC4_128_MD5
  • SSL_RSA_WITH_RC4_128_SHA

Prerequisites

Swivel appliance version 2.0.16 or earlier running Webmin

Ensure that there are valid backups of the file.

Enforce 128-bit Encryption on Apache Tomcat

You can edit the Tomcat configuration using Webmin. Log in as usual, then go to the Servers -> PINsafe page. Click on "Edit Tomcat Config File".

It is also possible to edit the file using WinSCP or through the CMI. On a Swivel appliance, the file is located at: /usr/local/tomcat/conf/server.xml

There are two places to edit the ciphers within this file on Swivel appliances. Locate the line looking something like the following:

<Connector address="0.0.0.0" port="8080" ...

Find the end of this line, indicated by the character sequence />. Delete these 2 characters, and insert a new line containing the following:

ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA" />

Note that this MUST be all on one line.

The entire Connector definition should now look something like the following:

<Connector address="0.0.0.0" port="8080" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/home/swivel/.keystore" keystorePass="lockbox" 
	ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA" />

You also need to make the same changes to the Connector with port="8443" (but not the one with port="8181").

Finally, Save the changes and restart Tomcat to apply them.


Restrict Webmin SSL Ciphers

Run the following commands from the Command line accessed through the CMI to make the necessary changes:

[admin@primary ~]# echo 'ssl_cipher_list=ALL:!ADH:!LOW:!MEDIUM:!SSLv2:!EXP:+HIGH' >> /etc/webmin/miniserv.conf
[admin@primary ~]# service webmin restart

Stopping Webmin server in /usr/libexec/webmin
Starting Webmin server in /usr/libexec/webmin


To test, you should receive the following "alert handshake failure" when you run this command:

[admin@primary ~]# openssl s_client -connect localhost.localdomain:10000 -cipher LOW

CONNECTED(00000003)
18339:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470:

FAQ

Why is 128-bit encryption used?

AES only supports 128-bit, 192-bit and 256-bit key sizes. Cracking encryption involves cracking the key, and the attacks we see involve finding a weakness in the cipher to drastically reduce the possible space of keys (for a brute force attack). No attack has yet been found for AES-128, so breaking this key requires a search through 2^128, or about 34 undecillion keys. This is a very large number, and AES-128 is secure enough for practical purposes. AES-256 is used by the US military for top secret information.