%%----------------------------------------------------------------------
\subsubsection{Tested with Version} OpenSSH 6.1
\subsubsection{Settings}
\paragraph*{sshd\_config}
\begin{lstlisting}[breaklines]
PermitEmptyPasswords no
HostKey /etc/ssh/ssh_host_rsa_key
Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
MACs umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
\end{lstlisting}
% XXX: curve25519-sha256@libssh.org only available upstream(!)
Note: Older Linux systems won't support SHA2. PuTTY (Windows) does not support
RIPE-MD160. Curve25519, AES-GCM and UMAC are only available upstream (OpenSSH
6.1). DSA host keys have been removed on purpose: the DSS standard does not
support DSA keys stronger than 1024 bit
\footnote{\url{https://bugzilla.mindrot.org/show_bug.cgi?id=1647}}, which is far
below current standards (see section \ref{section:keylengths}). Legacy systems
can use this configuration and simply omit unsupported ciphers, key exchange
\subsubsection{Additional settings}
Note that the setting \texttt{ServerKeyBits 4096} has no effect until you re-generate new ssh host keys. There might be issues if you have users who rely on the fingerprint of the old ssh host key being stored in their clients' \texttt{.ssh/known\_hosts} file.
%\subsubsection{Justification for special settings (if needed)}
\subsubsection{References}
The openssh sshd\_config man page is the best reference: \url{http://www.openssh.org/cgi-bin/man.cgi?query=sshd_config}
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server \\
\begin{lstlisting}[breaklines]
$ ssh -vvv myserver.com
\end{lstlisting}and observe the key exchange in the output.
%%----------------------------------------------------------------------
\subsection{Cisco ASA}
\subsubsection{Tested with Version} 9.1(3)
\subsubsection{Settings}
\begin{lstlisting}[breaklines]
crypto key generate rsa modulus 2048
ssh key-exchange group dh-group14-sha1
\end{lstlisting}
Note: When the ASA is configured for SSH, by default both SSH versions 1 and 2 are allowed. In addition, only a group1 DH key exchange is used. This should be changed to allow only SSH version 2 and to use a key exchange with group14. The generated RSA key should be 2048 bit (the actual supported maximum). A non-cryptographic best practice is to reconfigure the lines to only allow SSH logins.
\subsubsection{References}
\url{http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/admin_management.html}
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server \\
\begin{lstlisting}[breaklines]
$ ssh -vvv myserver.com
\end{lstlisting}and observe the key exchange in the output.
%----------------------------------------------------------------------
\subsection{Cisco IOS}
\subsubsection{Tested with Version} 15.0, 15.1, 15.2
\subsubsection{Settings}
\begin{lstlisting}[breaklines]
crypto key generate rsa modulus 2048 label SSH-KEYS
ip ssh rsa keypair-name SSH-KEYS
ip ssh dh min size 2048
\end{lstlisting}
Note: As with the ASA, on IOS by default both SSH versions 1 and 2 are allowed, and the DH key exchange only uses a DH group of 768 bit.
In IOS, a dedicated key pair can be bound to SSH to reduce the usage of individual key pairs.
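As an added example (not part of this guide and not Cisco's own tooling), the following Python script audits an IOS running-config excerpt for the points made in the ASA and IOS notes above: SSH restricted to version 2, a dedicated RSA key pair bound to SSH, a DH minimum size of at least 2048 bit, and vty lines that accept SSH only. The two configuration excerpts are constructed for the example; the commands it looks for (\texttt{ip ssh version 2}, \texttt{ip ssh dh min size}, \texttt{ip ssh rsa keypair-name}, \texttt{transport input ssh}) are standard IOS syntax, and the parser assumes the usual layout in which indented lines belong to the preceding \texttt{line} command. Python is used instead of the device CLI so the check can run offline against a saved \texttt{show running-config}.

```python
# Audit an IOS running-config excerpt for the SSH settings discussed in this
# section.  Added example; the config text below is constructed, not taken
# from a real device.

DEFAULT_CONFIG = """\
hostname rtr-example
ip ssh rsa keypair-name SSH-KEYS
line vty 0 4
 transport input telnet ssh
 login local
"""

HARDENED_CONFIG = """\
hostname rtr-example
ip ssh version 2
ip ssh rsa keypair-name SSH-KEYS
ip ssh dh min size 2048
line vty 0 4
 transport input ssh
 login local
"""


def parse_ios(config_text):
    """Split a running-config into global commands and per-'line' sections.

    Indented lines are attached to the preceding unindented 'line ...' command
    (assumption about the layout of 'show running-config' output)."""
    global_cmds = []
    sections = {}          # e.g. "line vty 0 4" -> ["transport input ssh", ...]
    current = None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw[0].isspace() and current is not None:
            sections[current].append(raw.strip())
            continue
        current = None
        cmd = raw.strip()
        if cmd.startswith("line "):
            current = cmd
            sections[cmd] = []
        else:
            global_cmds.append(cmd)
    return global_cmds, sections


def audit_ios_ssh(config_text, min_dh_bits=2048):
    """Return a list of findings; an empty list means the excerpt meets the
    settings of this section."""
    cmds, sections = parse_ios(config_text)
    findings = []
    if "ip ssh version 2" not in cmds:
        findings.append("SSH version not restricted to 2 (SSHv1 still accepted)")
    if not any(c.startswith("ip ssh rsa keypair-name ") for c in cmds):
        findings.append("no dedicated RSA key pair bound to SSH")
    dh = [c for c in cmds if c.startswith("ip ssh dh min size ")]
    if not dh:
        findings.append("DH minimum size not set (default group is far below %d bit)"
                        % min_dh_bits)
    elif int(dh[0].split()[-1]) < min_dh_bits:
        findings.append("DH minimum size %s is below %d bit"
                        % (dh[0].split()[-1], min_dh_bits))
    # The "non-cryptographic best practice": every vty line should accept SSH only.
    for name, lines in sections.items():
        if not name.startswith("line vty"):
            continue
        transports = [l for l in lines if l.startswith("transport input ")]
        if not transports:
            findings.append("%s: no 'transport input' configured" % name)
        elif transports[0].split()[2:] != ["ssh"]:
            findings.append("%s: '%s' allows non-SSH logins" % (name, transports[0]))
    return findings


if __name__ == "__main__":
    for label, cfg in (("default", DEFAULT_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_ios_ssh(cfg) or "OK")
```

Run it against a saved running-config by replacing the constructed strings with the file contents; a device that only has the settings from the listing above (and no \texttt{ip ssh version 2}) is reported for still accepting SSHv1.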
\subsubsection{References}
\url{http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_shell_v2.html}
% add any further references or best practice documents here
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server \\
\begin{lstlisting}[breaklines]
$ ssh -vvv myserver.com
\end{lstlisting}and observe the key exchange in the output.
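The three ``How to test'' steps above (OpenSSH, Cisco ASA, Cisco IOS) all end with reading the key exchange out of \texttt{ssh -vvv} by eye. As an added example that is not part of this guide, the Python script below does that comparison programmatically: it reads the \texttt{Ciphers}, \texttt{MACs} and \texttt{KexAlgorithms} lines of the hardened sshd\_config from the OpenSSH section and checks a captured negotiation against them, also flagging a DSA host key. The log lines are constructed, not captured from a host, and are written in the \texttt{debug1: kex: ...} format of recent OpenSSH clients; that format is an assumption, since 6.x clients print the negotiated algorithms on differently shaped lines, so adjust the patterns to the client you actually use. For the Cisco devices the same parser applies; only the allowlist changes (the ASA section expects \texttt{diffie-hellman-group14-sha1} as the key exchange).

```python
# Compare the algorithms an SSH server negotiated (from `ssh -vvv` output)
# with the allowlists in sshd_config.  Added example; all input below is
# constructed and the log format is an assumption (recent OpenSSH clients).
import re

# Copy of the hardened sshd_config lines from the OpenSSH section.
SSHD_CONFIG = """\
Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
MACs umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
"""

# Constructed `ssh -vvv` negotiation lines against a hardened server.
SSH_VVV_OK = """\
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
"""

# Constructed lines for a server still running with legacy defaults.
SSH_VVV_LEGACY = """\
debug1: kex: algorithm: diffie-hellman-group1-sha1
debug1: kex: host key algorithm: ssh-dss
debug1: kex: server->client cipher: aes128-cbc MAC: hmac-md5 compression: none
debug1: kex: client->server cipher: aes128-cbc MAC: hmac-md5 compression: none
"""


def parse_allowlists(config_text):
    """Return {'kex': [...], 'cipher': [...], 'mac': [...]} from sshd_config text.
    sshd itself requires comma-separated lists; whitespace is tolerated here."""
    keys = {"kexalgorithms": "kex", "ciphers": "cipher", "macs": "mac"}
    lists = {"kex": [], "cipher": [], "mac": []}
    for line in config_text.splitlines():
        line = line.split("#", 1)[0].strip()
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() in keys:
            lists[keys[parts[0].lower()]] = [a for a in re.split(r"[,\s]+", parts[1]) if a]
    return lists


def parse_negotiation(log_text):
    """Extract the negotiated kex, host-key, cipher and MAC names."""
    neg = {"kex": None, "hostkey": None, "cipher": set(), "mac": set()}
    for line in log_text.splitlines():
        m = re.match(r"debug1: kex: algorithm: (\S+)", line)
        if m:
            neg["kex"] = m.group(1)
            continue
        m = re.match(r"debug1: kex: host key algorithm: (\S+)", line)
        if m:
            neg["hostkey"] = m.group(1)
            continue
        m = re.match(r"debug1: kex: \S+ cipher: (\S+) MAC: (\S+)", line)
        if m:
            neg["cipher"].add(m.group(1))
            neg["mac"].add(m.group(2))   # '<implicit>' for AEAD ciphers such as AES-GCM
    return neg


def audit(config_text, log_text):
    """Return findings; an empty list means the negotiation stayed inside the config."""
    allow = parse_allowlists(config_text)
    neg = parse_negotiation(log_text)
    findings = []
    if neg["kex"] not in allow["kex"]:
        findings.append("kex %s not in configured KexAlgorithms" % neg["kex"])
    if neg["hostkey"] == "ssh-dss":
        findings.append("server presented a DSA host key (DSS limits it to 1024 bit)")
    for c in sorted(neg["cipher"]):
        if c not in allow["cipher"]:
            findings.append("cipher %s not in configured Ciphers" % c)
    for m in sorted(neg["mac"]):
        if m != "<implicit>" and m not in allow["mac"]:
            findings.append("MAC %s not in configured MACs" % m)
    return findings


if __name__ == "__main__":
    for label, log in (("hardened", SSH_VVV_OK), ("legacy", SSH_VVV_LEGACY)):
        print(label, audit(SSHD_CONFIG, log) or "OK")
```

In practice, feed it the real output with \texttt{ssh -vvv myserver.com 2>\&1 | grep 'debug1: kex:'} and your own sshd\_config; a negotiation that lands outside the configured lists usually means the client connected to a different host than intended or the server is not loading the configuration you edited.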