Harden SSH in CentOS 8

[KernelOops]

Its important to restrict SSH to specific high-grade ciphers, macs and keys. The default setup is rather "loose" for backwards compatibility.

A typical hardened setup uses the following changes in /etc/ssh/sshd_config:

Code: Select all

MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com
KexAlgorithms curve25519-sha256@libssh.org

Unfortunately, the above lines won't work in CentOS 8 because the sshd daemon is called with separate parameters that override the sshd_config options. If you look at the sshd service (/usr/lib/systemd/system/sshd.service) you will find the $CRYPTO_POLICY variable that is read by the service from the current "crypto policy", a major difference from CentOS 7.

To actually make changes, we need to modify the current policy, which by default its called.... DEFAULT. The file that contains the crypto policy for sshd is /etc/crypto-policies/back-ends/opensshserver.config, which is a symbolic link to the default policy at /usr/share/crypto-policies/DEFAULT/opensshserver.txt, which we modify as:

Code: Select all

CRYPTO_POLICY='-oCiphers=chacha20-poly1305@openssh.com,aes256-gcm@openssh.com -oMACs=hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com -oGSSAPIKexAlgorithms=gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=curve25519-sha256@libssh.org -oHostKeyAlgorithms=rsa-sha2-256,rsa-sha2-512,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oPubkeyAcceptedKeyTypes=rsa-sha2-256,rsa-sha2-512,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com'

Now a "systemctl restart sshd" should give you a hardened sshd. Of course I expect everyone to use keys, so all other modifications that you usually do still apply.

[jlehtone]

Interesting.

Most of those files belong to 'crypto-policies' package, that has also man pages: 'crypto-policies' and 'update-crypto-policies'.
How much does FUTURE differ from your hardening?

'nss-3.44.0-8.el8' has dropped in file /etc/crypto-policies/local.d/nss-p11-kit.config that the update-crypto-policies has merged;
the /etc/crypto-policies/back-ends/nss.config is a file, rather than symlink.
Alas, manual says that the local.d overrides do not apply to ssh and sshserver.

[tocorobo]

Is there any benefit to hardening ssh in CentOS 8 by adjusting the CRYPTO_POLICY directive in /usr/share/crypto-policies/DEFAULT/opensshserver.txt vs un-commenting and setting CRYPTO_POLICY directive in the/etc/sysconfig/sshd file instead?