Weak SSH algorithms

Please post here if you have problems in using Wing FTP Server.

Weak SSH algorithms

Postby Ben_PDX » Tue Nov 08, 2016 9:15 pm

We are using Wing FTP version 4.7.8. We recently had a security audit that dinged us on some weak SSH algorithms. Specifically, they called out the Cipher Block Chaining (CBC) mode encryption algorithms:
- aes256-cbc
- aes192-cbc
- aes128-cbc
- blowfish-cvc
- 3des-cbc
- des-cbc-ssh1

The security audit also complained about:
- hmac-sha1

Is there any way to disable these weaker algorithms in Wing FTP?
Ben_PDX
 
posts 2
 
joined Tue Nov 08, 2016 9:12 pm

Re: Weak SSH algorithms

Postby FTP » Wed Nov 09, 2016 3:45 am

OK, please enable the option "Server -> Settings -> General Settings -> Enable FIPS 140-2 mode", then Wing FTP Server will use the algorithms which be approved by the FIPS group (only allows strong encryption ciphers).
FTP
Site Admin
 
posts 1527
 
joined Tue Sep 29, 2009 6:09 am

Re: Weak SSH algorithms

Postby Ben_PDX » Mon Dec 05, 2016 11:05 pm

I have the "Enable FIPS 140-2 Mode" checkbox checked, but I still see those weak ciphers.

If I run the command:

Code: Select all
nmap --script ssh2-enum-algos <servername> -p22


I get:

Code: Select all
PORT   STATE SERVICE
22/tcp open  ssh
| ssh2-enum-algos:
|   kex_algorithms (4)
|       curve25519-sha256@libssh.org" rel="nofollow" rel="nofollow
|       ecdh-sha2-nistp256
|       diffie-hellman-group14-sha1
|       diffie-hellman-group1-sha1
|   server_host_key_algorithms (1)
|       ssh-rsa
|   encryption_algorithms (9)
|       aes256-ctr
|       aes192-ctr
|       aes128-ctr
|       aes256-cbc
|       aes192-cbc
|       aes128-cbc
|       blowfish-cbc
|       3des-cbc
|       des-cbc-ssh1
|   mac_algorithms (3)
|       hmac-sha2-256
|       hmac-sha2-512
|       hmac-sha1
|   compression_algorithms (1)
|_      none
Ben_PDX
 
posts 2
 
joined Tue Nov 08, 2016 9:12 pm

Re: Weak SSH algorithms

Postby FTP » Tue Dec 06, 2016 3:47 am

OK, it is designed to be compatible with some SFTP client, and there is no need to worry about the SFTP security, because the stronger algorithm has higher priority, so your SFTP client will choose the strongest algorithm if it supports that algorithm.
FTP
Site Admin
 
posts 1527
 
joined Tue Sep 29, 2009 6:09 am

Re: Weak SSH algorithms

Postby drewcipher » Fri Aug 11, 2017 10:24 pm

For compliance, we need the weaker ciphers disabled. I understand the client may negotiate high but the risk is related to weaker ciphers being available. How can we remove / disable? It seems like the UI solution recommended here doesn't affect the actual cipher list.
drewcipher
 
posts 2
 
joined Wed Mar 16, 2016 1:08 am

Re: Weak SSH algorithms

Postby FTP » Sun Aug 13, 2017 4:14 pm

OK, you can specify the customized SFTP algorithms under "Server > Settings > General Settings > Security".
FTP
Site Admin
 
posts 1527
 
joined Tue Sep 29, 2009 6:09 am

Re: Weak SSH algorithms

Postby drewcipher » Mon Aug 14, 2017 10:14 pm

Hello FTP,

I believe we've done this. This is what we have listed in "Server > Settings > General Settings > Security > SFTP Encryption Algorithms" section:
aes256-ctr,aes192-ctr,aes128-ctr,des-cbc-ssh1

I restarted the services and the server but when I test, these are still available:
3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, blowfish-cbc

v4.9.2 on Windows Server 2012

Thanks in advance for your help.
drewcipher
 
posts 2
 
joined Wed Mar 16, 2016 1:08 am

Re: Weak SSH algorithms

Postby JasonEde » Wed Sep 13, 2017 12:27 pm

We have the same issue... We're on 4.9.2.

With the default SFTP encryptions settings the protocols reported (probed using nmap) are...

22/tcp open ssh

| ssh2-enum-algos:
| kex_algorithms: (4)
| curve25519-sha256@libssh.org" rel="nofollow
| ecdh-sha2-nistp256
| diffie-hellman-group14-sha1
| diffie-hellman-group1-sha1
| server_host_key_algorithms: (1)
| ssh-rsa
| encryption_algorithms: (9)
| aes256-ctr
| aes192-ctr
| aes128-ctr
| aes256-cbc
| aes192-cbc
| aes128-cbc
| blowfish-cbc
| 3des-cbc
| des-cbc-ssh1
| mac_algorithms: (3)
| hmac-sha2-256
| hmac-sha2-512
| hmac-sha1
| compression_algorithms: (3)
| none
| zlib
|_ zlib@openssh.com" rel="nofollow

After modifying the SFTP Encryption algos we're now getting...

22/tcp open ssh

| ssh2-enum-algos:
| kex_algorithms: (4)
| curve25519-sha256@libssh.org" rel="nofollow
| ecdh-sha2-nistp256
| diffie-hellman-group14-sha1
| diffie-hellman-group1-sha1
| server_host_key_algorithms: (1)
| ssh-rsa
| encryption_algorithms_client_to_server: (9)
| aes256-ctr
| aes192-ctr
| aes128-ctr
| aes256-cbc
| aes192-cbc
| aes128-cbc
| blowfish-cbc
| 3des-cbc
| des-cbc-ssh1
| encryption_algorithms_server_to_client: (3)
| aes256-ctr
| aes192-ctr
| aes128-ctr
| mac_algorithms: (3)
| hmac-sha2-256
| hmac-sha2-512
| hmac-sha1
| compression_algorithms: (3)
| none
| zlib
|_ zlib@openssh.com" rel="nofollow


So as you can see it has fixed the server to client ones, but the server still reports the client to server ones as including the CBC ones... Normally we can tie this down in the sshd_config file under ciphers to completely turn the CBC and 3DES ciphers off.
JasonEde
 
posts 6
 
joined Wed Aug 08, 2012 10:14 am

Re: Weak SSH algorithms

Postby FTP » Thu Sep 14, 2017 6:04 am

OK, you can set the SFTP encryption algorithms under "Server > Settings > General Settings > Security > SFTP Encryption Algorithms".
FTP
Site Admin
 
posts 1527
 
joined Tue Sep 29, 2009 6:09 am

Re: Weak SSH algorithms

Postby JasonEde » Thu Sep 14, 2017 7:50 am

Hi, I have modified the settings there, but it only changes some of them, not all of them. A pen-test scan of the server still reports the CBC and 3DES algos as enabled which means it fails the test.
JasonEde
 
posts 6
 
joined Wed Aug 08, 2012 10:14 am

Next

Return to Support

Who is online

Users browsing this forum: No registered users and 1 guest