Overview
During security scans, one of the vulnerabilities commonly reported is the use of deprecated SSH cryptographic settings. SSH (Secure Shell) is a protocol for securing remote login from one computer to another, but the target host may still be offering deprecated cryptographic algorithms for that connection.
Solution
The solution is to stop offering deprecated cryptographic settings. Best practices for configuring SSH are described in Security of Interactive and Automated Access Management Using Secure Shell (SSH) (NIST IR 7966).
The following settings are currently considered deprecated:
| Setting | Description |
|---|---|
| Ciphers using CFB or OFB | Very uncommon, and deprecated because of weaknesses compared to newer cipher chaining modes such as CTR or GCM |
| RC4 cipher (arcfour, arcfour128, arcfour256) | The RC4 cipher has a cryptographic bias and is no longer considered secure |
| Ciphers with a 64-bit block size (DES, 3DES, Blowfish, IDEA, CAST) | Ciphers with a 64-bit block size may be vulnerable to birthday attacks (Sweet32) |
| Key exchange algorithms using DH group 1 (diffie-hellman-group1-sha1, gss-group1-sha1-*) | DH group 1 uses a 1024-bit modulus, which is considered too short and is vulnerable to Logjam-style attacks |
| Key exchange algorithm "rsa1024sha1" | Very uncommon, and deprecated because of the short RSA key size |
| MAC algorithm "umac-32" | Very uncommon, and deprecated because of the very short MAC length |
| Cipher "none" | This is available only in SSHv1 |
Disable the deprecated ciphers, key exchange algorithms and MACs by editing /etc/ssh/sshd_config (the Ciphers, KexAlgorithms and MACs directives) and reloading sshd.
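The following script is an added example, not part of the original article or of OpenSSH itself. It audits an sshd_config file for the deprecated algorithm names listed in the table above and contrasts a constructed weak configuration with a hardened one. It assumes OpenSSH keyword syntax (Ciphers, KexAlgorithms, MACs with comma-separated values); the sample configurations are constructed for the example and come from no real host.

```shell
#!/bin/sh
# Added example (not from the original article): audit an OpenSSH sshd_config
# for the deprecated algorithm names in the table above, then compare a weak
# configuration with a hardened one. Assumes OpenSSH keyword syntax.

# Substrings taken from the table above. Any algorithm name containing one of
# these is flagged: "des" covers des-cbc and 3des-cbc, "cast" covers
# cast128-cbc, "group1-sha1" covers diffie-hellman-group1-sha1 and
# gss-group1-sha1-*, "rsa1024" covers the rsa1024sha1 key exchange.
DEPRECATED_PATTERNS='cfb,ofb,arcfour,des,blowfish,idea,cast,group1-sha1,rsa1024,umac-32,none'

# Print one "DEPRECATED <keyword>: <algorithm>" line per deprecated algorithm
# found in the Ciphers, KexAlgorithms and MACs directives of the given file.
# Every directive line is reported, even though sshd itself honours only the
# first occurrence of each keyword.
audit_sshd_config() {
    file=$1
    for keyword in Ciphers KexAlgorithms MACs; do
        # Keywords are case-insensitive in sshd_config; comment lines never match.
        grep -iE "^[[:space:]]*${keyword}[[:space:]]+" "$file" |
        while read -r _ value; do
            # A leading +, - or ^ modifies the built-in default list; strip it.
            value=$(printf '%s' "$value" | sed 's/^[-+^]//')
            IFS=','
            for alg in $value; do
                for pat in $DEPRECATED_PATTERNS; do
                    case "$alg" in
                        *"$pat"*) printf 'DEPRECATED %s: %s\n' "$keyword" "$alg"; break ;;
                    esac
                done
            done
            unset IFS
        done
    done
}

# Number of deprecated algorithms in a file (0 means the file passes this audit).
count_deprecated() {
    audit_sshd_config "$1" | wc -l | tr -d ' '
}

# Constructed sample configurations (not taken from any real host).
weak=$(mktemp)
cat > "$weak" <<'EOF'
# Deprecated algorithms still enabled
Ciphers aes128-cbc,arcfour,3des-cbc,aes256-gcm@openssh.com
KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256
MACs umac-32@openssh.com,hmac-sha2-256
EOF

hardened=$(mktemp)
cat > "$hardened" <<'EOF'
# Only AEAD/CTR ciphers, strong ECDH/DH key exchange and SHA-2 based MACs
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
EOF
trap 'rm -f "$weak" "$hardened"' EXIT

echo "weak config:";     audit_sshd_config "$weak"
echo "hardened config:"; audit_sshd_config "$hardened"
echo "deprecated entries: weak=$(count_deprecated "$weak") hardened=$(count_deprecated "$hardened")"
```

On a live host, run the audit against /etc/ssh/sshd_config, then confirm the effective values with `sshd -T` (which prints the merged configuration, including defaults and Match blocks) and check which algorithm names the installed OpenSSH build supports with `ssh -Q cipher`, `ssh -Q kex` and `ssh -Q mac` before committing a list to the config.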