Diffie-Hellman key exchange algorithm with sshd in Red Hat Enterprise Linux
Environment
- Red Hat Enterprise Linux (RHEL) 5, 6, 7, 8 and 9
- openssh-4.3p2-XX.el5 (RHEL 5)
- openssh-5.3p1-XX.el6 (RHEL 6)
Issue
- Is OpenSSH vulnerable to Logjam: TLS vulnerabilities (CVE-2015-4000)?
- How to disable Diffie-Hellman key exchange algorithm in OpenSSH?
- How to change the pre-computed primes used for moduli in OpenSSH?
Resolution
- Because OpenSSH does not make use of the TLS protocol, it is not vulnerable to Logjam: TLS vulnerabilities (CVE-2015-4000)
- The Diffie-Hellman key exchange is an integral part of the SSH protocol handshake, and it can not be disabled. The Key Exchange algorithms in OpenSSH prior to RHEL6 are not configurable. In OpenSSH in RHEL 6.6, RHEL 7 and later there is the option
KexAlgorithmswhich allows changing the algorithms used in the SSH protocol handshake but at least one must be chosen. - While OpenSSH in RHEL does make use of 1024-bit fixed primes as moduli, there is currently no known attack against them and no remediation is currently recommended. See the man pages for details on changing the default moduli with the commands
man sshdandman moduli.
Diagnostic Steps
Reference Links
- Logjam: TLS vulnerabilities (CVE-2015-4000)
- Content from www.openssh.com is not included.KexAlgorithms became an option in the upstream openssh-5.7
- In RHEL 6, Errata RHSA-2013-1591
- <Content from weakdh.org is not included.https://weakdh.org/sysadmin.html>
- <Content from weakdh.org is not included.https://weakdh.org/imperfect-forward-secrecy.pdf>
SBR
Product(s)
Tags
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.