You’ve probably heard about a Logjam attack on Diffie-Hellman key exchange algorithm Here is a post by Jethro Beekman providing some details and suggessions on hardening your SSH server security.
Few days ago I’ve started playing around Twisted Python framework in general and Conch library which handles SSH connections in an event-based manner in particular.
I’ve tried few SSH client examples from Twisted site getting similar errors:
2015-07-07 14:28:45+0300 [-] Starting factory <twisted.internet.endpoints.OneShotFactory instance at 0x7f745500ca28> 2015-07-07 14:28:45+0300 [_CommandTransport,client] Disconnecting with error, code 3 reason: couldn't match all kex parts 2015-07-07 14:28:45+0300 [_CommandTransport,client] main function encountered error Traceback (most recent call last): Failure: twisted.internet.error.ConnectionDone: Connection was closed cleanly.
The problem is that twisted.conch.ssh.transport supports only two KeyExchange algorithms so far:
221 supportedKeyExchanges = ['diffie-hellman-group-exchange-sha1', 222 'diffie-hellman-group1-sha1']
And they were excluded from the default list enabled key exchange algorithms. On my Fedora 22, Debian 8 nodes with OpenSSH 6.7 installed I have the following list by default:
email@example.com, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1
There are few tickets with requests and proposals how to add stronger diffie-hellman algorithms support. But they don’t show any recent activity so I’m not sure this is going to be merged any time soon. Also I didn’t find anything about elliptic curve algorithms support at all.
Since I’m not brave nor skilled enough to dive into patching Twisted I’ve enabled diffie-hellman-group-exchange-sha1 algorithm support in SSH daemon settings on target nodes:
If you don’t want to sacrifice security you may consider generating your own moduli as suggested here:
# ssh-keygen -G moduli-2048.candidates -b 2048 # ssh-keygen -T moduli-2048 -f moduli-2048.candidates # mv moduli-2048 /etc/ssh/moduli
diffie-hellman-group-exchange-sha1 enabled SSH connections should not fail.