ssh 加密算法相关信息含义解析与弱加密算法禁用方法
问题描述
sshd 的默认配置中使能了一些弱加密算法,有潜在的安全风险,需要禁用这些弱加密算法。
对 ssh 加密算法的掌握现状
几乎为 0。
从 man sshd_config 开始
1. Ciphers
CiphersSpecifies the ciphers allowed. Multiple ciphers must be comma-separated. If the specified value begins with a '+' char-acter, then the specified ciphers will be appended to the default set instead of replacing them. If the specified valuebegins with a '-' character, then the specified ciphers (including wildcards) will be removed from the default set insteadof replacing them.The supported ciphers are:3des-cbcaes128-cbcaes192-cbcaes256-cbcaes128-ctraes192-ctraes256-ctraes128-gcm@openssh.comaes256-gcm@openssh.comchacha20-poly1305@openssh.comThe default is:chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.comThe list of available ciphers may also be obtained using "ssh -Q cipher".
Ciphers 指定 ssh 使能的加密算法。多个加密算法之间使用逗号分隔。当 Ciphers 的值以 +
字符开始时,指定的加密算法将附加到默认集合,不影响默认集合中的其它算法。当 Ciphers 的值以 ‘-’ 字符开始时,指定的加密算法将会从默认集合中移除,不影响默认集合中的其它项目。
1.1 nmap 扫描默认的 Ciphers
使用默认 Ciphers 情况下 nmap 扫描到的 Ciphers:
| encryption_algorithms: (6)
| chacha20-poly1305@openssh.com
| aes128-ctr
| aes192-ctr
| aes256-ctr
| aes128-gcm@openssh.com
| aes256-gcm@openssh.com
.........
1.2 sshd_config 中新增 Ciphers 后扫描
在 sshd_config 文件的最后添加如下行:
Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc
重启 sshd 后,重新扫描,结果如下:
| encryption_algorithms: (10)
| chacha20-poly1305@openssh.com
| aes128-ctr
| aes192-ctr
| aes256-ctr
| aes128-gcm@openssh.com
| aes256-gcm@openssh.com
| 3des-cbc
| aes128-cbc
| aes192-cbc
| aes256-cbc
可以看到添加新的算法到默认集合成功。
1.3 sshd_config 中删除指定 Ciphers 后扫描
在 sshd_config 文件的最后添加如下行:
Ciphers -aes128-ctr,aes128-gcm@openssh.com
重启 sshd 后,重新扫描,结果如下:
| encryption_algorithms: (4)
| chacha20-poly1305@openssh.com
| aes192-ctr
| aes256-ctr
| aes256-gcm@openssh.com
可以看到指定的凉饿 aes128 加密算法已经被移除。
MACs
MACs Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used for data integrity pro-tection. Multiple algorithms must be comma-separated. If the specified value begins with a '+' character, then the spec-ified algorithms will be appended to the default set instead of replacing them. If the specified value begins with a '-'character, then the specified algorithms (including wildcards) will be removed from the default set instead of replacingthem.The algorithms that contain "-etm" calculate the MAC after encryption (encrypt-then-mac). These are considered safer andtheir use recommended. The supported MACs are:hmac-md5hmac-md5-96hmac-sha1hmac-sha1-96hmac-sha2-256hmac-sha2-512umac-64@openssh.comumac-128@openssh.comhmac-md5-etm@openssh.comhmac-md5-96-etm@openssh.comhmac-sha1-etm@openssh.comhmac-sha1-96-etm@openssh.comhmac-sha2-256-etm@openssh.comhmac-sha2-512-etm@openssh.comumac-64-etm@openssh.comumac-128-etm@openssh.comThe default is:umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1The list of available MAC algorithms may also be obtained using "ssh -Q mac".
MACs 选项指定可用的 MAC(消息认证代码)算法,用于数据完整性保护。配置方法与 Ciphers 一致,不再赘述。
KexAlgorithms
KexAlgorithmsSpecifies the available KEX (Key Exchange) algorithms. Multiple algorithms must be comma-separated. Alternately if thespecified value begins with a '+' character, then the specified methods will be appended to the default set instead of re-placing them. If the specified value begins with a '-' character, then the specified methods (including wildcards) willbe removed from the default set instead of replacing them. The supported algorithms are:curve25519-sha256curve25519-sha256@libssh.orgdiffie-hellman-group1-sha1diffie-hellman-group14-sha1diffie-hellman-group14-sha256diffie-hellman-group16-sha512diffie-hellman-group18-sha512diffie-hellman-group-exchange-sha1diffie-hellman-group-exchange-sha256ecdh-sha2-nistp256ecdh-sha2-nistp384ecdh-sha2-nistp521The default is:curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1The list of available key exchange algorithms may also be obtained using "ssh -Q kex".
KexAlgorithms 选项指定可用的密钥交换算法。配置方法与 Ciphers 一致,不再赘述。
PubkeyAcceptedKeyTypes
Specifies the key types that will be accepted for public key authentication as a list of comma-separated patterns. Alter-nately if the specified value begins with a '+' character, then the specified key types will be appended to the defaultset instead of replacing them. If the specified value begins with a '-' character, then the specified key types (includ-ing wildcards) will be removed from the default set instead of replacing them. The default for this option is:ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsaThe list of available key types may also be obtained using "ssh -Q key".
PubkeyAcceptedKeyTypes 指定公钥认证允许的密钥类型。配置方法与 Ciphers 一致,不再赘述。
如何查看 ssh 支持的不同类别的加密算法
相关命令:
Ciphers: ssh -Q cipher
MACs: ssh -Q mac
KexAlgorithms: ssh -Q kex
PubkeyAcceptedKeyTypes: ssh -Q key
备注:这些命令输出的项目是 ssh 支持的,并不一定是 ssh 使能的项目。
通过 ssh 命令指定特定的算法
命令示例:
- ssh -vv -oMACs=hmac-sha1-etm@openssh.com
- ssh -vv -oCiphers=xxx
- ssh -vv -o…
运行示例:
longyu@debian:~$ ssh -vv -oMACs=hmac-sha1-etm@openssh.com longyu@192.168.122.1
OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.122.1 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.122.1 [192.168.122.1] port 22.
debug1: Connection established.
debug1: identity file /home/longyu/.ssh/id_rsa type -1
debug1: identity file /home/longyu/.ssh/id_rsa-cert type -1
debug1: identity file /home/longyu/.ssh/id_dsa type -1
debug1: identity file /home/longyu/.ssh/id_dsa-cert type -1
debug1: identity file /home/longyu/.ssh/id_ecdsa type -1
debug1: identity file /home/longyu/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/longyu/.ssh/id_ed25519 type -1
debug1: identity file /home/longyu/.ssh/id_ed25519-cert type -1
debug1: identity file /home/longyu/.ssh/id_xmss type -1
debug1: identity file /home/longyu/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-10+deb10u2
debug1: match: OpenSSH_7.9p1 Debian-10+deb10u2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.122.1:22 as 'longyu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
debug2: MACs ctos: hmac-sha1-etm@openssh.com
debug2: MACs stoc: hmac-sha1-etm@openssh.com
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group14-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
如下输出中,stoc 的输出表明 server 使能的相关加密算法。
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
-vv 选项指定 ssh 打印处理过程中的一些 debug 信息。这些信息对于定位一些连接、认证、配置问题非常有用。
参考链接
https://serverfault.com/questions/735176/how-can-i-list-macs-ciphers-and-kexalogrithms-supported-by-my-ssh-server
ssh 加密算法相关信息含义解析与弱加密算法禁用方法相关推荐
- linux如何更改ssh配置文件,Linux系统下ssh的相关配置详细解析
ssh是大家常用的登录linux服务器的方式,但是为了安全考虑,有时候我们需要针对ssh做一些特殊处理,本文记录笔者曾经做过的一些修改,供大家参考. 一.修改ssh端口 ssh默认为22端口,如果需要 ...
- dedecms提示 把数据保存到数据库主表 '#@__archives' 时出错,请把相关信息提交给 dedecms官方
如图,添加问题提示上图报错: 参考解决办法如下: 总结网络方法一: 把数据保存到数据库主表 `#@__archives` 时出错,请把相关信息提交给DedeCms官方.Unknown column ' ...
- 获取硬盘和卷或分区相关信息(容量,ID,卷标名字等)
1.枚举所有硬盘 这里主要借助了setup API,这些API主要是NT4.0之后提供的一些用于操作设备的API. 枚举所有硬盘借助了SetupDiGetClassDevs与SetupDiEnumDe ...
- SSH协议弱加密算法漏洞的利用及复现(中间人攻击)
SSH协议弱加密算法漏洞的利用及复现(中间人攻击) SSH协议弱加密算法漏洞的利用及复现(中间人攻击) 很多服务器或者交换机是存在SSH协议弱加密算法漏洞的,但是该漏洞如何利用呢?最近研究了下此漏洞的 ...
- Dex文件内容解析APK相关信息
Dex文件格式 我们都知道Android项目在构建的时候,会将class文件的jar包通过dx工具将其转化成dex文件,目的是将所有的class文件整合到一个dex文件中,这样的目的是降低冗余,因为每 ...
- linux禁用ssh弱加密算法,SSHSSL弱加密算法漏洞修复
一.SSH SSH的配置文件中加密算法没有指定,默认支持所有加密算法,包括arcfour,arcfour128,arcfour256等弱加密算法. 修改SSH配置文件,添加加密算法: vi /etc/ ...
- linux禁用ssh弱加密算法,ssh弱加密算法漏洞修复
8种机械键盘轴体对比 本人程序员,要买一个写代码的键盘,请问红轴和茶轴怎么选? ssh弱加密算法漏洞修复 SSH弱加密算法漏洞修复 1.A security scan turned up two SS ...
- ManagementClass类解析和C#如何获取硬件的相关信息
在.NET的项目中,有时候需要获取计算机的硬件的相关信息,在C#语言中需要利用ManagementClass这个类来进行相关操作. 现在先来介绍一下ManagementClass类,首先看一下类的继承 ...
- Linux之相关英文缩写含义
1.目录名: 名称 英文 英文含义 描述 /boot boot 引导 操作系统的内核及在引导过程中使用的文件 /root root 根 系统管理员的主目录(根目录) /run run 运行 系统运行时 ...
最新文章
- ionic中的ion-option-button
- java中有哪几种注释方式_在 Java 中, 有多种注释方法,其中 __________ 适用于单行注释。...
- dhcp MySQL 超时_mysql导入sql文件过大或连接超时的解决的方法
- mysql约束_从零开始学 MySQL - SQL 约束分类
- 山东省2021年高考成绩查询平台6,山东2021年高考成绩改为6月26日前公布
- 动态规划(三)——最少硬币和所有硬币问题
- 如何访问docker内php,如何进入docker容器
- 如何自学python知乎-如何快速学习python?
- 关于Chromium Embedded Framework (CEF)的编译
- Winform自动升级系统的设计与实现(源码)
- 图书isbn批量生成一维条码
- 读书印记 - 《星船伞兵》
- 从冬令营到字节跳动,我从ICPCer变身Bytedancer
- 【云驻共创】华为云助力加速构建企业数据资产和数据治理生产线
- 镜头调制传递函数MTF
- linux批量删除screen,你不知道的linux系统中强大的screen命令
- android XML文件加注释
- Jsp的四种作用域范围
- Python识别身份证号码并检查是否合法(pysseract,dlib,opencv)
- 如果哥白尼也玩“虚拟化”和“超融合”