SSH Weak Algorithms Supported: Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys.

1. Vulnerability detection

1.1. Local check

[email protected]:~$ man ssh_config
...
Cipher Specifies the cipher to use for encrypting the session in
protocol version 1. Currently, “blowfish”, “3des”, and
“des” are supported. des is only supported in the ssh(1)
client for interoperability with legacy protocol 1 imple‐
mentations that do not support the 3des cipher. Its use
is strongly discouraged due to cryptographic weaknesses.
The default is “3des”.
Ciphers
Specifies the ciphers allowed for protocol version 2 in
order of preference. Multiple ciphers must be comma-sep‐
arated. The supported ciphers are “3des-cbc”,
“aes128-cbc”, “aes192-cbc”, “aes256-cbc”, “aes128-ctr”,
“aes192-ctr”, “aes256-ctr”, “arcfour128”, “arcfour256”,
“arcfour”, “blowfish-cbc”, and “cast128-cbc”. The
default is:

aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
aes256-cbc,arcfour
...

1.2. Nmap check

C:\Users\LY\Desktop
λ nmap -Pn --script="ssh2-enum-algos" -sS -p 22 192.168.1.130
Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-07 14:03 中国标准时间
Nmap scan report for 192.168.1.130
Host is up (0.00s latency).

PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms: (7)
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group-exchange-sha1
| diffie-hellman-group14-sha1
| diffie-hellman-group1-sha1
| server_host_key_algorithms: (3)
| ssh-rsa
| ssh-dss
| ecdsa-sha2-nistp256
| encryption_algorithms: (13)
| aes128-ctr
| aes192-ctr
| aes256-ctr
| arcfour256
| arcfour128
| aes128-cbc
| 3des-cbc
| blowfish-cbc
| cast128-cbc
| aes192-cbc
| aes256-cbc
| arcfour
| rijndael-cbc@lysator.liu.se
| mac_algorithms: (11)
| hmac-md5
| hmac-sha1
| umac-64@openssh.com
| hmac-sha2-256
| hmac-sha2-256-96
| hmac-sha2-512
| hmac-sha2-512-96
| hmac-ripemd160
| hmac-ripemd160@openssh.com
| hmac-sha1-96
| hmac-md5-96
| compression_algorithms: (2)
| none
|_ zlib@openssh.com
MAC Address: 00:0C:29:D1:BF:2C (VMware)

Nmap done: 1 IP address (1 host up) scanned in 5.89 seconds

1.3. ssh client check

λ ssh -vv 192.168.1.130 -p 22
...
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.10 pat OpenSSH_5* compat 0x0c000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.1.130:22 as 'ly'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
...


2. Remediation

The fix is to modify the /etc/ssh/sshd_config configuration. For details, see: https://linux.uits.uconn.edu/2014/06/25/ssh-weak-ciphers-and-mac-algorithms/

# 1. Open the /etc/ssh/sshd_config configuration file
[email protected]:~$ sudo gedit /etc/ssh/sshd_config

# 2. Add the following as the last line of the file
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc

# 3. Restart the service
[email protected]:~$ sudo service ssh restart

# 4. Retest
λ nmap -Pn --script="ssh2-enum-algos" -sS -p 22 192.168.1.130
Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-07 14:35 中国标准时间
Nmap scan report for 192.168.1.130
Host is up (0.00088s latency).

PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms: (7)
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group-exchange-sha1
| diffie-hellman-group14-sha1
| diffie-hellman-group1-sha1
| server_host_key_algorithms: (3)
| ssh-rsa
| ssh-dss
| ecdsa-sha2-nistp256
| encryption_algorithms: (5)
| aes128-ctr
| aes192-ctr
| aes256-ctr
| aes128-cbc
| 3des-cbc
| mac_algorithms: (11)
| hmac-md5
| hmac-sha1
| umac-64@openssh.com
| hmac-sha2-256
| hmac-sha2-256-96
| hmac-sha2-512
| hmac-sha2-512-96
| hmac-ripemd160
| hmac-ripemd160@openssh.com
| hmac-sha1-96
| hmac-md5-96
| compression_algorithms: (2)
| none
|_ zlib@openssh.com
MAC Address: 00:0C:29:D1:BF:2C (VMware)

Nmap done: 1 IP address (1 host up) scanned in 5.89 seconds
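
An added example, not part of the original post: a Python check that parses ssh2-enum-algos output and reports the ciphers this finding names (the Arcfour family, or "none" as a cipher), so the scans before and after the sshd_config change can be compared automatically. The function names and the abridged sample scans are constructed for illustration.

```python
import re

# Ciphers named by the Nessus finding: the Arcfour family, or no cipher at all.
WEAK_CIPHER = re.compile(r"^(arcfour(128|256)?|none)$")

def parse_enum_algos(text):
    """Parse ssh2-enum-algos text output into {category: [algorithm, ...]}."""
    algos, current = {}, None
    for line in text.splitlines():
        body = line.strip().lstrip("|_").strip()
        header = re.match(r"^(\w+): \((\d+)\)$", body)
        if header:                       # e.g. "encryption_algorithms: (13)"
            current = header.group(1)
            algos[current] = []
        elif current and body and " " not in body:
            algos[current].append(body)  # one algorithm name per line
        else:
            current = None               # left the script block
    return algos

def weak_ciphers(text):
    """Return the offered ciphers the finding flags, in server preference order."""
    # Only the encryption category is checked: "none" is a normal
    # compression algorithm and must not be reported.
    ciphers = parse_enum_algos(text).get("encryption_algorithms", [])
    return [c for c in ciphers if WEAK_CIPHER.match(c)]

# Constructed samples, abridged from the two scans on this page.
BEFORE = """\
| ssh2-enum-algos:
|   encryption_algorithms: (6)
|       aes128-ctr
|       arcfour256
|       arcfour128
|       aes128-cbc
|       3des-cbc
|       arcfour
|   compression_algorithms: (2)
|       none
|_      zlib@openssh.com
"""
AFTER = """\
| ssh2-enum-algos:
|   encryption_algorithms: (3)
|       aes128-ctr
|       aes128-cbc
|_      3des-cbc
"""

if __name__ == "__main__":
    for label, scan in (("before", BEFORE), ("after", AFTER)):
        print(label, weak_ciphers(scan) or "no Arcfour/none ciphers offered")
```
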


3. Introduction to RC4

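RC4 was developed by Ronald Rivest in 1987. Although its official name is "Rivest Cipher 4", the acronym RC can also be read as "Ron's Code". RC4 started out as a trade secret and was not published, but in September 1994 it was anonymously posted to the Cypherpunks mailing list. It soon reached the sci.crypt newsgroup, and from there it spread to many sites on the Internet. The posted code was later shown to be genuine, because its output was identical to that of proprietary software that had licensed RC4. Since the algorithm is now public, RC4 is no longer a trade secret, although the name "RC4" remains a registered trademark. RC4 is often called "ARCFOUR" or "ARC4" (meaning alleged RC4) to avoid trademark problems. RC4 has become part of several commonly used protocols and standards, such as WEP in 1997 and WPA for wireless cards in 2003/2004, as well as SSL in 1995 and later TLS in 1999. The main reasons for such wide deployment are its remarkable simplicity and speed: it is very easy to implement in both software and hardware. The distributed code hosting site GitHub will stop supporting RC4 from January 5, 2015; as an old authentication and encryption algorithm, RC4 is vulnerable to attack by hackers. This means that users running Internet Explorer on Windows XP will no longer be able to access github.com.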
