Limiting KEX/Ciphers in sshd_config RHEL 8.6

Latest response

I've been a systems administrator for decades, and am used to editing the /etc/ssh/sshd_config file to explicitly enable certain key exchange mechanisms and allowed ciphers.

On my test system, I tried to enable FIPS using the standard documentation, but it causes my system to crash after reboot. (It's also a pain to disable, especially when you're stuck in Emergency Mode.)

So, enabling FIPS mode would probably solve my solution - maybe. It forces strong ciphers, and probably gets me into a happy state, but it fails on my test box, so I'm not really 100% okay with enabling it. It's done this on two different systems, with entirely different architectures so....

One thing I know has worked forever, was to simply edit the following lines in /etc/ssh/sshd_config:

KexAlgorithms diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512

Ciphers aes256-ctr,aes192-ctr,aes128-ctr

MACs hmac-sha2-512,hmac-sha2-256

This works in all of my other operating systems (my current production systems run SuSE SLES), but, unfortunately, there's this:

This system is following system-wide crypto policy. The changes to
crypto properties (Ciphers, MACs, ...) will not have any effect here.
They will be overridden by command-line options passed to the server
on command line.
Please, check manual pages for update-crypto-policies(8) and sshd_config(5).

I absolutely do not want to enable FIPS mode with the possibility of the system hard-crashing on startup, and the three non-FIPS policies still allow weak/obsolete ciphers.

I want/need to be precise about what ciphers and KEX I allow.

Is there a way to get to this level of granularity by editing a single file?

I know SSH generally uses OpenSSL...but with SSH saying that it's ignoring its own configuration file for crypto properties, it's possible OpenSSL is also ignoring its own configuration files?

What is the best way to get to the state shown above? Is there a way to make SSH revert to the original behavior of reading its own configuration file?

Thanks!

Sean Goodman's picture

Responses