Detections
Analytics

5.1.6 Ensure sshd MACs are configured

Information

This variable limits the types of MAC algorithms that SSH can use during communication.

Notes:

 - Some organizations may have stricter requirements for approved MACs.
 - Ensure that MACs used are in compliance with site policy.
 - The only "strong" MACs currently FIPS 140 approved are:
 - HMAC-SHA1
 - HMAC-SHA2-256
 - HMAC-SHA2-384
 - HMAC-SHA2-512

MD5 and 96-bit MAC algorithms are considered weak and have been shown to increase exploitability in SSH downgrade attacks. Weak algorithms continue to have a great deal of attention as a weak spot that can be exploited with expanded computing power. An attacker that breaks the algorithm could take advantage of a MiTM position to decrypt the SSH tunnel and capture credentials and information.

Solution

Note:

 - First occurrence of an option takes precedence.
 - Though MACs may be configured through the MACs option in the /etc/ssh/sshd_config file, it is recommended that the MACs available to openSSH server are configured through system-wide-crypto-policy
 - If the recommendations in the subsection "Configure system wide crypto policy" have been followed, this Audit should be in a passing state. Please review that section before following this Remediation Procedure
 - By default, system-wide-crypto-policy is applied to the openSSH server. If the following defaults don't exist due to modifications or upgrade from a earlier release, the system-wide-crypto-policy may not be included by the openSSH server. It is recommended that these defaults be restored, created, or the line Include /etc/crypto-policies/back-ends/opensshserver.config be added before any lines containing the MACs argument.
 - Defaults:
 - The file /etc/ssh/sshd_config includes the line: Include /etc/ssh/sshd_config.d/*.conf This line must appear before any lines containing the MACs argument
 - This directory /etc/ssh/sshd_config.d/ includes a file /etc/ssh/sshd_config.d/50-redhat.conf
 - The file /etc/ssh/sshd_config.d/50-redhat.conf includes the line Include /etc/crypto-policies/back-ends/opensshserver.config
 - The file /etc/crypto-policies/back-ends/opensshserver.config is generated by system-wide-crypto-policy

- IF - CVE-2023-48795 has not been reviewed and addressed, Recommendation

"Ensure system wide crypto policy disables EtM for ssh"

should be followed.

Create or edit a file in /etc/crypto-policies/policies/modules/ ending inpmod and add or modify the the following line:

mac@SSH = -HMAC-MD5* -UMAC-64* -UMAC-128*

Example:

# printf '%s
' "# This is a subpolicy to disable weak MACs" "# for the SSH protocol (libssh and OpenSSH)" "mac@SSH = -HMAC-MD5* -UMAC-64* -UMAC-128*" >> /etc/crypto-policies/policies/modules/NO-SSHWEAKMACS.pmod

Run the following command to update the system-wide cryptographic policy

# update-crypto-policies --set <CRYPTO_POLICY>:<CRYPTO_SUBPOLICY1>:<CRYPTO_SUBPOLICY2>:<CRYPTO_SUBPOLICY3>

Example:

# update-crypto-policies --set DEFAULT:NO-SHA1:NO-WEAKMAC:NO-SSHCBC:NO-SSHCHACHA20:NO-SSHETM:NO-SSHWEAKCIPHERS:NO-SSHWEAKMACS

Run the following command to reload the openSSH server to make your cryptographic settings effective:

# systemctl reload-or-restart sshd

- OR - If system-wide-crypto-policy is not being used to configure available ciphers ( This is not recommended )

Edit the /etc/ssh/sshd_config file and add/modify the MACs line to contain a comma separated list of the site unapproved (weak) MACs preceded with a - above any Include entries:

Example:

MACs -hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-sha1-96,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected]

- IF - CVE-2023-48795 has not been reviewed and addressed, the following etm MACs should be added to the exclude list:

[email protected]

,

[email protected]

,

[email protected]

See Also

https://workbench.cisecurity.org/benchmarks/18211

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-17(2), 800-53|IA-5, 800-53|IA-5(1), 800-53|SC-8, 800-53|SC-8(1), CSCv7|14.4, CSCv7|16.5

Plugin: Unix

Control ID: cb8e0bd8eee48d066c89b856e6aead16967b45c21177b108500a55fefa74ebca