1.6.6 Ensure system wide crypto policy disables chacha20-poly1305 for ssh

Information

ChaCha20-Poly1305 is an authenticated encryption with additional data (AEAD) algorithm, that combines the ChaCha20 stream cipher with the Poly1305 message authentication code. Its usage in IETF protocols is standardized in RFC 8439.

A vulnerability exists in ChaCha20-Poly1305 as referenced in CVE-2023-48795

Solution

Note:

- The commands below are written for the included DEFAULT system-wide crypto policy. If another policy is in use and follows local site policy, replace DEFAULT with the name of your system-wide crypto policy.
- chacha20-poly1305 can be turned off globally by using the argument cipher opposed to cipher@SSH
- Multiple subpolicies may be assigned to a policy as a colon separated list. e.g. DEFAULT:NO-SHA1:NO-SSHCBC
- Subpolicies:
- Not included in the update-crypto-policies --set command will not be applied to the system wide crypto policy.
- must exist before they can be applied to the system wide crypto policy.
- pmod file filenames must be in all upper case, upper case, e.g. NO-SSHCHACHA20.pmod or they will not be read by the update-crypto-policies --set command.

- IF - CVE-2023-48795 has been addressed, and it meets local site policy, this recommendation may be skipped.

Create or edit a file in /etc/crypto-policies/policies/modules/ ending inpmod and add or modify one of the the following lines:

cipher@SSH = -CHACHA20-POLY1305 # Disables the chacha20-poly1305 cipher for SSH

Example:

# printf '%s
' "# This is a subpolicy to disable the chacha20-poly1305 ciphers" "# for the SSH protocol (libssh and OpenSSH)" "cipher@SSH = -CHACHA20-POLY1305" >> /etc/crypto-policies/policies/modules/NO-SSHCHACHA20.pmod

Run the following command to update the system-wide cryptographic policy

# update-crypto-policies --set <CRYPTO_POLICY>:<CRYPTO_SUBPOLICY1>:<CRYPTO_SUBPOLICY2>:<CRYPTO_SUBPOLICY3>

Example:

# update-crypto-policies --set DEFAULT:NO-SHA1:NO-WEAKMAC:NO-SSHCBC:NO-SSHCHACHA20

Run the following command to reboot the system to make your cryptographic settings effective for already running services and applications:

# reboot

See Also

https://workbench.cisecurity.org/benchmarks/18209

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-17(2), 800-53|IA-5, 800-53|IA-5(1), 800-53|SC-8, 800-53|SC-8(1), CSCv7|14.4

Plugin: Unix

Control ID: 3e7fe12da1e9ff840cda3b28b6fb358b40bd4d9684da9afca4959f4fdcfbc0b2