Hardening OpenSSH 9.6/9.7 in FreeBSD
While following the suggestions of https://github.com/jtesta/ssh-audit/wiki/FreeBSD and the findings of security/py-ssh-audit 3.2.0, I figured it's better to make the adjustments in the startup script, libexec/rc/rc.d/sshd in the source tree (installed as /etc/rc.d/sshd), so that host keys are generated with the right types and sizes in the first place instead of being fixed up by hand afterwards.
diff --git a/libexec/rc/rc.d/sshd b/libexec/rc/rc.d/sshd
index 63113fd9ee74..ae54a2e3bcf3 100755
--- a/libexec/rc/rc.d/sshd
+++ b/libexec/rc/rc.d/sshd
@@ -20,10 +20,11 @@ configtest_cmd="sshd_configtest"
pidfile="/var/run/${name}.pid"
extra_commands="configtest keygen reload"
-: ${sshd_rsa_enable:="yes"}
: ${sshd_dsa_enable:="no"}
-: ${sshd_ecdsa_enable:="yes"}
+: ${sshd_ecdsa_enable:="no"}
: ${sshd_ed25519_enable:="yes"}
+: ${sshd_rsa_enable:="yes"}
+: ${sshd_rsa_keylength:="4096"}
sshd_keygen_alg()
{
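Review bot: the new `sshd_rsa_keylength` knob introduced in this hunk needs a matching default in /etc/defaults/rc.conf and a paragraph in rc.conf(5), otherwise nobody will know it exists; the patch touches neither. Also note that flipping `sshd_ecdsa_enable` to "no" only stops keygen from creating a new ECDSA host key; an existing /etc/ssh/ssh_host_ecdsa_key is still loaded by sshd unless sshd_config names its HostKey files explicitly, so that should be mentioned alongside the knob. Moving the `sshd_rsa_enable` line below `sshd_ed25519_enable` is cosmetic and could be dropped to keep the diff minimal.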
@@ -44,6 +45,13 @@ sshd_keygen_alg()
;;
esac
+ local bits
+ case $alg in
+ rsa)
+ bits="-b ${sshd_rsa_keylength}"
+ ;;
+ esac
+
if [ -f "${keyfile}" ] ; then
info "$ALG host key exists."
return 0
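Review bot: `bits` is computed before the `if [ -f "${keyfile}" ]` early return, so the new length only applies to keys that do not exist yet; a host that already has a 2048-bit /etc/ssh/ssh_host_rsa_key keeps it after this change and the ssh-audit finding stays. The commit message (or rc.conf(5)) should say that the old key has to be removed and `service sshd keygen` rerun, and that every client will then see a changed host key. A small robustness improvement for the `rsa)` branch: reject a non-numeric `${sshd_rsa_keylength}` with `err` here rather than letting it reach ssh-keygen.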
@@ -55,7 +63,7 @@ sshd_keygen_alg()
fi
echo "Generating $ALG host key."
- /usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N ""
+ /usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N "" ${bits}
/usr/bin/ssh-keygen -l -f "$keyfile.pub"
}
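Review bot: the exit status of `/usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N "" ${bits}` is still not checked, so if ssh-keygen rejects the requested length the following `/usr/bin/ssh-keygen -l -f "$keyfile.pub"` fails on a missing file and the function returns that error instead of a clear message; consider appending `|| err 1 "Failed to generate $ALG host key."`. Leaving `${bits}` unquoted is correct here, it has to word-split into `-b 4096`, and the `:=` default on `sshd_rsa_keylength` in the first hunk guarantees it is never a bare `-b`.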
The patch is available for download.
In addition to the changes above, I added the following lines not only to /etc/ssh/sshd_config but also to /etc/ssh/ssh_config, except for the HostKey lines, which are a server-only option. Note that RequiredRSASize 4096 is enforced on both sides: sshd refuses RSA user keys shorter than 4096 bits, and ssh ignores its own RSA identity keys below that size and terminates connections to servers presenting a smaller RSA host key. Any 2048-bit RSA keys still in use must therefore be replaced (or swapped for ed25519) before this is rolled out.
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
RequiredRSASize 4096
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
HostKeyAlgorithms rsa-sha2-512,rsa-sha2-256,ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com
KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256
MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com
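Before reaching for ssh-audit from another host, it is useful to confirm locally that sshd actually picked the lists above: `sshd -T` (run as root, since it loads the host keys) dumps the effective configuration one "keyword value" per line, and `ssh-keygen -l` prints the host key length. The script below is an added example, not part of the original post or of FreeBSD's rc scripts; it compares a `sshd -T` dump read from stdin against the lists above and checks the RSA host key size. The sample dumps and the `ssh-keygen -l` lines embedded in it are constructed from the ssh-audit output in this post (the real `sshd -T` output contains many more keywords, and the fingerprints are placeholders).

```shell
#!/bin/sh
# Added example (not from the original post or from FreeBSD): pre-flight
# check of the effective sshd configuration against the hardened lists.
# `sshd -T` prints lowercase keywords and comma-separated lists without
# spaces, in the configured order, which is the order sshd offers them.

# Expected values (order matters).
WANT_CIPHERS='chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr'
WANT_KEX='sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256'
WANT_MACS='hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com'
WANT_HOSTKEYALGS='rsa-sha2-512,rsa-sha2-256,ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com'
WANT_RSA_BITS=4096

# check_sshd_policy: reads `sshd -T` output on stdin, prints an
# expected/actual pair for every deviating keyword, returns 1 on any deviation.
check_sshd_policy() {
    dump=$(cat)
    rc=0
    for pair in "ciphers=$WANT_CIPHERS" "kexalgorithms=$WANT_KEX" \
                "macs=$WANT_MACS" "hostkeyalgorithms=$WANT_HOSTKEYALGS"; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(printf '%s\n' "$dump" | awk -v k="$key" '$1 == k { print $2; exit }')
        if [ "$got" != "$want" ]; then
            printf '%s: expected %s\n%s: actual   %s\n' "$key" "$want" "$key" "${got:-<missing>}"
            rc=1
        fi
    done
    return $rc
}

# check_rsa_host_key_bits LINE: LINE is one line of `ssh-keygen -l -f KEY.pub`
# output ("<bits> <fingerprint> <comment> (<type>)"). Returns 1 for an RSA key
# shorter than WANT_RSA_BITS, 0 for a long enough RSA key or any non-RSA key.
check_rsa_host_key_bits() {
    case $1 in
        *"(RSA)")
            bits=${1%% *}      # first field is the key length in bits
            [ "$bits" -ge "$WANT_RSA_BITS" ]
            ;;
        *)
            return 0
            ;;
    esac
}

# Constructed sample of a default OpenSSH 9.6 dump, trimmed to the keywords
# checked; the lists are the ssh-audit "Actual" lines from this post, with
# hostkeyalgorithms simplified to the key types the default server offered.
sample_default_dump() {
    cat <<'EOF'
port 22
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
kexalgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
hostkeyalgorithms rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
EOF
}

# Constructed sample of the dump once the hardened sshd_config is in place.
sample_hardened_dump() {
    cat <<EOF
port 22
ciphers $WANT_CIPHERS
macs $WANT_MACS
kexalgorithms $WANT_KEX
hostkeyalgorithms $WANT_HOSTKEYALGS
EOF
}

# Constructed `ssh-keygen -l` lines; the fingerprints are placeholders.
SAMPLE_RSA_2048='2048 SHA256:placeholderfingerprint root@host (RSA)'
SAMPLE_RSA_4096='4096 SHA256:placeholderfingerprint root@host (RSA)'
SAMPLE_ED25519='256 SHA256:placeholderfingerprint root@host (ED25519)'

# Demonstration on the samples. On a live host run, as root:
#   sshd -T | check_sshd_policy && ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
echo "default 9.6 dump:"
sample_default_dump | check_sshd_policy || echo "=> FAILED (expected for the default install)"
echo "hardened dump:"
sample_hardened_dump | check_sshd_policy && echo "=> passed"
for line in "$SAMPLE_RSA_2048" "$SAMPLE_RSA_4096" "$SAMPLE_ED25519"; do
    check_rsa_host_key_bits "$line" && echo "ok:   $line" || echo "weak: $line"
done
```

The check deliberately compares the whole list, order included, because sshd offers algorithms in the configured order and ssh-audit's policies compare the order as well; a server that merely contains the right algorithms somewhere in its list still fails the policy.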
As of today, I ended up with a clean bill of health.
$ ssh-audit -P 'Hardened OpenSSH Server v9.7 (version 1)' localhost
Host: localhost
Policy: Hardened OpenSSH Server v9.7 (version 1)
Result: Passed
For comparison, here is what the same check reports against a default installation of OpenSSH 9.6 in FreeBSD 13.3; each mismatch below corresponds to one of the settings above.
$ ssh-audit -P 'Hardened OpenSSH Server v9.6 (version 1)' localhost
Host: localhost
Policy: Hardened OpenSSH Server v9.6 (version 1)
Result: Failed!
Errors:
* Ciphers did not match.
- Expected: chacha20-poly1305@openssh.com, aes256-gcm@openssh.com, aes128-gcm@openssh.com, aes256-ctr, aes192-ctr, aes128-ctr
- Actual: chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com
* Host key (rsa-sha2-256) sizes did not match.
- Expected: 4096
- Actual: 2048
* Host key (rsa-sha2-512) sizes did not match.
- Expected: 4096
- Actual: 2048
* Host keys did not match.
- Expected (required): rsa-sha2-512, rsa-sha2-256, ssh-ed25519
- Expected (optional): sk-ssh-ed25519@openssh.com, ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com
- Actual: rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519
* Key exchanges did not match.
- Expected: sntrup761x25519-sha512@openssh.com, curve25519-sha256, curve25519-sha256@libssh.org, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha256, ext-info-s, kex-strict-s-v00@openssh.com
- Actual: sntrup761x25519-sha512@openssh.com, curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha256, ext-info-s, kex-strict-s-v00@openssh.com
* MACs did not match.
- Expected: hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, umac-128-etm@openssh.com
- Actual: umac-64-etm@openssh.com, umac-128-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, umac-128@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1