[Cyberduck-trac] [Cyberduck] #8537: Add ability to deactivate weak crypto, SHA-1, DES etc.

Cyberduck trac at trac.cyberduck.io
Fri Feb 6 06:38:03 UTC 2015


#8537: Add ability to deactivate weak crypto, SHA-1, DES etc.
------------------------------------+-------------------------
 Reporter:  lbort                   |         Owner:  dkocher
     Type:  enhancement             |        Status:  assigned
 Priority:  normal                  |     Milestone:  4.7
Component:  sftp                    |       Version:  4.6.4
 Severity:  normal                  |    Resolution:
 Keywords:  ssh, kex, ciphers, mac  |  Architecture:  Intel
 Platform:                          |
------------------------------------+-------------------------

Comment (by lbort):

 Sorry, I was pretty busy, but here is my list. I am not completely familiar
 with the notation, I hope I got it right.

 {{{ [kex=diffie-hellman-group14-sha1; kex=diffie-hellman-group1-sha;
 c2sCipher=aes128-cbc; c2sCipher=aes192-cbc; c2sCipher=aes256-cbc;
 c2sCipher=blowfish-cbc; c2sCipher=3des-cbc; c2sMAC=hmac-md5;
 c2sMAC=hmac-md5-96; c2sMAC=hmac-sha1; c2sMAC=hmac-sha1-96; s2cCipher=aes128-cbc;
 s2cCipher=aes192-cbc; s2cCipher=aes256-cbc; s2cCipher=blowfish-cbc;
 s2cCipher=3des-cbc; s2cMAC=hmac-md5; s2cMAC=hmac-md5-96; s2cMAC=hmac-sha1;
 s2cMAC=hmac-sha1-96; sig=SHA1withDSA; sig=SHA256withECDSA ] }}}

 This is quite a long list, but all of the above either use broken
 algorithms like MD5 and SHA-1, use keys that are too short like DSA, or
 rely on NIST curves, which can't be trusted either. I am not entirely sure about the
 aes-cbc ciphers, but I assume they are also vulnerable. I didn't read
 everything, but for some info about that, see
 http://www.openssh.com/txt/cbc.adv
 and
 http://homes.cs.washington.edu/~yoshi/papers/TISSEC04/

 The list includes all currently supported kex-algorithms, so at least one
 of the suggested kex-algorithms needs to be implemented before activating
 the warning, otherwise it will always pop up. I also suggest putting the
 stronger ciphers with the longer keys first in the list of all available
 algorithms, since apparently the client chooses the first one in its list
 that is also supported by the server. In the long run, some more
 algorithms might be nice for the other part besides key-exchange, to be as
 compatible and secure as possible.

-- 
Ticket URL: <https://trac.cyberduck.io/ticket/8537#comment:10>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
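
The warning and the ordering suggestion from the comment above, as an added example that is not Cyberduck's own code: it parses the ticket's `key=value` notation, applies the SSH selection rule for ciphers and MACs (the first entry in the client's list that the server also supports), and reports whether the result is on the reporter's list. The peer preference lists and all function names are constructed for illustration.

```python
# Added example, not Cyberduck code. WEAK_SPEC holds the kex and c2s entries
# of the list from the comment; CLIENT, SERVER and LEGACY are constructed.
WEAK_SPEC = """kex=diffie-hellman-group14-sha1; kex=diffie-hellman-group1-sha;
c2sCipher=aes128-cbc; c2sCipher=aes192-cbc; c2sCipher=aes256-cbc;
c2sCipher=blowfish-cbc; c2sCipher=3des-cbc; c2sMAC=hmac-md5;
c2sMAC=hmac-md5-96; c2sMAC=hmac-sha1; c2sMAC=hmac-sha1-96"""

def parse_weak(spec):
    """Turn 'category=name; ...' into {category: {names}}."""
    weak = {}
    for item in spec.replace("\n", " ").split(";"):
        if item.strip():
            category, name = item.split("=", 1)
            weak.setdefault(category.strip(), set()).add(name.strip())
    return weak

def negotiate(client, server):
    """First algorithm in the client's list that the server also lists."""
    return next((alg for alg in client if alg in server), None)

def audit(client, server, weak):
    """Return {category: (chosen, flagged)} for every client category."""
    result = {}
    for category, prefs in client.items():
        chosen = negotiate(prefs, server.get(category, []))
        result[category] = (chosen, chosen in weak.get(category, set()))
    return result

def strong_first(client, weak):
    """Stable reorder: entries not on the weak list move to the front."""
    return {c: sorted(p, key=lambda a: a in weak.get(c, set()))
            for c, p in client.items()}

WEAK = parse_weak(WEAK_SPEC)
CLIENT = {"c2sCipher": ["aes128-cbc", "3des-cbc", "aes128-ctr", "aes256-ctr"],
          "c2sMAC": ["hmac-sha1", "hmac-md5", "hmac-sha2-256"]}
SERVER = {"c2sCipher": ["aes256-ctr", "aes128-ctr", "aes128-cbc"],
          "c2sMAC": ["hmac-sha2-256", "hmac-sha1"]}
LEGACY = {"c2sCipher": ["3des-cbc"], "c2sMAC": ["hmac-md5"]}

if __name__ == "__main__":
    for label, prefs, peer in [("as shipped", CLIENT, SERVER),
                               ("strong first", strong_first(CLIENT, WEAK), SERVER),
                               ("legacy server", strong_first(CLIENT, WEAK), LEGACY)]:
        for category, (alg, flagged) in audit(prefs, peer, WEAK).items():
            print(f"{label:14} {category:10} {alg:14} {'WARN' if flagged else 'ok'}")
```

With the same server, reordering the client list alone moves both selections off the flagged list; against the legacy server the warning still fires because no unflagged algorithm is shared.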

