On Wed, Jan 24, 2024 at 6:51 AM Jacob M Cutright <cutrightjm@xxxxxx> wrote:
A default RHEL 8/9 system is going to use the system-wide crypto
policies per /etc/sysconfig/sshd. Below is just a summarized version of
https://access.redhat.com/security/cve/cve-2023-48795
We can add in a cryptop-policies sub policy by creating the following file:
cat << EOF > /etc/crypto-policies/policies/modules/CVE-2023-48795.pmod
cipher@SSH = -CHACHA20-POLY1305
ssh_etm = 0
EOF
Append this crypto policy to your current system crypto policies:
update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795
Verify the new policy has taken place:
update-crypto-policies --show
Restart the application as recommended by command output:
systemctl restart sshd.service
Thanks,
Jacob
On 1/23/2024 11:02 AM, Kaushal Shriyan wrote:
> Hi,
>
> I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise
> Linux release 8.7 (Ootpa). The details are as follows.
>
> # rpm -qa | grep openssh
> openssh-8.0p1-16.el8.x86_64
> openssh-askpass-8.0p1-16.el8.x86_64
> openssh-server-8.0p1-16.el8.x86_64
> openssh-clients-8.0p1-16.el8.x86_64
>
> # cat /etc/redhat-release
> Red Hat Enterprise Linux release 8.7 (Ootpa)
> #
>
> SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)
>
> Synopsis
> The remote SSH server is vulnerable to a mitm prefix truncation attack.
> Description
> The remote SSH server is vulnerable to a man-in-the-middle prefix
> truncation weakness known as Terrapin.
> This can allow a remote, man-in-the-middle attacker to bypass integrity
> checks and downgrade the
> connection's security.
> Note that this plugin only checks for remote SSH servers that support
> either ChaCha20-Poly1305 or CBC
> with Encrypt-then-MAC and do not support the strict key exchange
> countermeasures. It does not check for
> vulnerable software versions.
> See Also
> https://terrapin-attack.com/ <https://terrapin-attack.com/>
>
> Solution
> Contact the vendor for an update with the strict key exchange
> countermeasures or disable the affected
> algorithms.
> Risk Factor
> Medium
> CVSS v3.0 Base Score
> 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
> CVSS v3.0 Temporal Score
> 5.3 (CVSS:3.0/E:P/RL:O/RC:C)
> VPR Score
> 6.9
> CVSS v2.0 Base Score
> 5.4 (CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N)
> CVSS v2.0 Temporal Score
> 4.2 (CVSS2#E:POC/RL:OF/RC:C)
> 187315 (10) - SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) 16
>
> References
> CVE CVE-2023-48795
>
> Is there a way to configure /etc/ssh/sshd_config to mitigate SSH
> Terrapin Prefix Truncation Weakness (CVE-2023-48795)
>
> Please guide me.
>
> Thanks in advance.
>
> Best Regards,
>
> Kaushal
>
> --
> You received this message because you are subscribed to the Google
> Groups "redhat-list@xxxxxxxxxx" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to redhat-list+unsubscribe@xxxxxxxxxx
> <mailto:redhat-list+unsubscribe@xxxxxxxxxx>.
Thanks a lot Ben, Mike and Jacob for a quick and detailed response. Much appreciated. I have used the below steps to mitigate SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) for the benefit of the entire community who will encounter a similar SSH vulnerability.
# rpm -qa | grep openssh
openssh-8.0p1-16.el8.x86_64
openssh-askpass-8.0p1-16.el8.x86_64
openssh-server-8.0p1-16.el8.x86_64
openssh-clients-8.0p1-16.el8.x86_64
openssh-8.0p1-16.el8.x86_64
openssh-askpass-8.0p1-16.el8.x86_64
openssh-server-8.0p1-16.el8.x86_64
openssh-clients-8.0p1-16.el8.x86_64
# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.7 (Ootpa)
#
Red Hat Enterprise Linux release 8.7 (Ootpa)
#
#cd /etc/crypto-policies/policies/modules/
#touch CVE-2023-48795.pmod
#touch CVE-2023-48795.pmod
###content in CVE-2023-48795.pmod file as per below
#vim CVE-2023-48795.pmod
cipher@SSH = -CHACHA20-POLY1305
ssh_etm = 0
#update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795
#vim CVE-2023-48795.pmod
cipher@SSH = -CHACHA20-POLY1305
ssh_etm = 0
#update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795
#update-crypto-policies --show
#systemctl restart sshd.service
#systemctl status sshd.service
I have used https://github.com/RUB-NDS/Terrapin-Scanner. Terrapin Vulnerability Scanner is a small utility program written in Go, which can be used to determine the vulnerability of an SSH client or server against the Terrapin Attack (https://terrapin-attack.com/)
#tar -C /usr/local -xzf go1.21.6.linux-amd64.tar.gz
#export PATH=$PATH:/usr/local/go/bin
#go version
#go install github.com/RUB-NDS/Terrapin-Scanner@latest
#cd /root/go/bin/
#export PATH=$PATH:/usr/local/go/bin
#go version
#go install github.com/RUB-NDS/Terrapin-Scanner@latest
#cd /root/go/bin/
# ./Terrapin-Scanner --connect localhost --json (Command to validate the SSH Terrapin Prefix Truncation Weakness CVE-2023-48795 in JSON format)
{
"RemoteAddr": "[::1]:22",
"IsServer": true,
"Banner": "SSH-2.0-OpenSSH_8.0",
"SupportsChaCha20": false,
"SupportsCbcEtm": false,
"SupportsStrictKex": false,
"Vulnerable": false
}
# ./Terrapin-Scanner --connect localhost (Command to validate the SSH Terrapin Prefix Truncation Weakness CVE-2023-48795)
================================================================================
==================================== Report ====================================
================================================================================
Remote Banner: SSH-2.0-OpenSSH_8.0
ChaCha20-Poly1305 support: false
CBC-EtM support: false
Strict key exchange support: false
The scanned peer supports Terrapin mitigations and can establish
connections that are NOT VULNERABLE to Terrapin. Glad to see this.
For strict key exchange to take effect, both peers must support it.
Note: This tool is provided as is, with no warranty whatsoever. It determines
the vulnerability of a peer by checking the supported algorithms and
support for strict key exchange. It may falsely claim a peer to be
vulnerable if the vendor supports countermeasures other than strict key
exchange.
For more details visit our website available at https://terrapin-attack.com
#
{
"RemoteAddr": "[::1]:22",
"IsServer": true,
"Banner": "SSH-2.0-OpenSSH_8.0",
"SupportsChaCha20": false,
"SupportsCbcEtm": false,
"SupportsStrictKex": false,
"Vulnerable": false
}
# ./Terrapin-Scanner --connect localhost (Command to validate the SSH Terrapin Prefix Truncation Weakness CVE-2023-48795)
================================================================================
==================================== Report ====================================
================================================================================
Remote Banner: SSH-2.0-OpenSSH_8.0
ChaCha20-Poly1305 support: false
CBC-EtM support: false
Strict key exchange support: false
The scanned peer supports Terrapin mitigations and can establish
connections that are NOT VULNERABLE to Terrapin. Glad to see this.
For strict key exchange to take effect, both peers must support it.
Note: This tool is provided as is, with no warranty whatsoever. It determines
the vulnerability of a peer by checking the supported algorithms and
support for strict key exchange. It may falsely claim a peer to be
vulnerable if the vendor supports countermeasures other than strict key
exchange.
For more details visit our website available at https://terrapin-attack.com
#
Thanks in advance.
Best Regards,
Kaushal
You received this message because you are subscribed to the Google Groups "redhat-list@xxxxxxxxxx" group.
To unsubscribe from this group and stop receiving emails from it, send an email to redhat-list+unsubscribe@xxxxxxxxxx.
