topic Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode in Firewall and Security Management

Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

rajesh_s — Wed, 31 Jan 2018 08:35:48 GMT

In R77.30 i need enable the CTR or GCM cipher mode encryption instead of CBC cipher encryption, Please some one help me to fix this issue.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

PhoneBoy — Thu, 01 Feb 2018 03:17:05 GMT

Please clarify which part of the product you're asking about as there are several places that use these ciphers and the answer is different for each one.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

rajesh_s — Thu, 01 Feb 2018 08:17:06 GMT

Hi Demeon,

Thanks for your response

The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

PhoneBoy — Fri, 02 Feb 2018 00:16:03 GMT

You can change the enabled SSH ciphers in the following files:

/etc/ssh/ssh_config
/etc/ssh/sshd_config

Look for the Ciphers line and remove the appropriate entries from that line.

Restart the ssh daemon with the command: service sshd restart

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

rajesh_s — Wed, 21 Mar 2018 09:19:27 GMT

HI Demeon,

I found the chipper keys " Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes2 "

That is only keys i found in ssh configuration, If i remove those keys, Will i able to access the gateway via ssh?.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

PhoneBoy — Wed, 21 Mar 2018 15:00:20 GMT

Assuming you've got ciphers listed that are supported by your SSH client, yes.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

rajesh_s — Wed, 21 Mar 2018 15:22:03 GMT

There was no ciphers key in sshd_config file, Just i had below mentioned cipher keys in sshd_config file.

Ciphers aes128-ctr,aes192-ctr,aes256-ctr

MACs hmac-sha1,hmac-ripemd160.

Thanks a lot for your help.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

Bryce_Myers — Mon, 05 Nov 2018 11:48:53 GMT

Do you know of a way to modify this ciphers on Gaia Embedded?

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

PhoneBoy — Mon, 05 Nov 2018 12:47:33 GMT

Not that I'm aware of.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

G_W_Albrecht — Wed, 10 Jul 2019 08:39:13 GMT

Look here to be able to see them at least: sk144632: How to see the supported ciphers and HMACs of the SSH protocol on SMB appliances

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

G_W_Albrecht — Wed, 10 Jul 2019 08:53:03 GMT

R77.20.80 for Small and Medium Business Appliances removed unsafe ciphers/HMACs from SSH server supported ciphers/HMACs: hmac-sha1-96, hmac-md5.

Looks like the ciphers are compiled into the dropbear SSH server binary for Embedded systems!

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

johnnyhinton777 — Mon, 09 Nov 2020 18:17:29 GMT

DESCRIPTION

The SSH server is configured to support either Arcfour or Cipher Block Chaining (CBC) mode cipher algorithms. SSH can be configured to use Counter (CTR) mode encryption instead of CBC. The use of Arcfour algorithms should be disabled.

RISK

A weak cipher has been detected.

RECOMMENDATION

Configure the SSH server to disable Arcfour and CBC ciphers

What is the configuration to disable CBC and enable CTR?

Here is what I have on the router now:

HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5
rc4-128-sha aes-128-cbc-sha aes-256-cbc-sha dhe-aes-128-cbc-sha
dhe-aes-256-cbc-sha ecdhe-rsa-3des-ede-cbc-sha ecdhe-rsa-aes-256-cbc-sha
ecdhe-rsa-rc4-128-sha

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

PhoneBoy — Mon, 09 Nov 2020 20:29:39 GMT

It would be exactly the same configuration as you would do on a standard OpenSSH, which I assume would start by removing anything that mentions CBC in the name.
The version of OpenSSH in use prior to R80.40 is fairly old, so it may not support newer ciphers that may be suggested.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

vsurresh — Thu, 04 Nov 2021 11:27:12 GMT

Hello, thanks for the info.

I just checked both files and there are no Ciphers listed in the sshd_config file. There is, however, a line in the ssh_config file as follows:

Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

What will happen after I removed all the ciphers listed above as all of them are considered weak? Is there a way to add ctr cipher instead?

Thanks in advance.
R80.30 Gateways

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

Tobias_Moritz — Thu, 04 Nov 2021 13:05:04 GMT

This is just the same behavior as on any other Linux/Unix box with OpenSSH, as long as we are not talking about SMB appliances.

ssh_config is for the SSH client.

sshd_config is for the SSH server.

If you you not specify any ciphers in that file(s), the defaults apply.

See defaults/supported ciphers here:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk165685

When changing these on versions prior to R81.10, please take care of:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk106031

When running at least R80.40, a quite good hardening suggestion would be for example:

KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256

Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

MACs hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com

HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521

Just before hitting the "reply" button, I saw you are on R80.30. Thats sad, because that means you are limited to the possibilities of the very old OpenSSH version CheckPoint uses before R80.40, as PhoneBoy said already. Please see sk165685 for supported ciphers. The list is very short, but you can use ctr and get rid of cbc by specifiying only the ctr ciphers in your Ciphers string:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr

Not sure about Kex, MAC and HostKeyAlgorithms support in R80.30. Its not documented on sk165685 and I do not have access to anything older that R80.40 at the moment to look up myself.

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

vsurresh — Fri, 05 Nov 2021 10:32:25 GMT

Thanks a lot for taking the time to explain. We are in the process of upgrading to R80.40 but just wanted to fix the cipher issue first 🙂

Re: Disable CBC mode cipher encryption and enable CTR or GCM cipher mode

steve2688 — Sat, 14 May 2022 05:50:05 GMT

Hi All Expert,

I google on the same issue as well but i still not able to solve this, is there any article or youtube channel for me to solve this on disable a CBC and enabled CTR and GCM encryption.

The system i am using is

- windows server 2019

- sFTP server port 22

the finding result is from Nessus scanning

The code is

70658 - SSH Server CBC Mode Ciphers Enabled

71049 - SSH Weak MAC Algorithms Enabled

153953 - SSH Weak Key Exchange Algorithms Enabled

anyone can help?

i try to look for this folder but i dont know where to find.

/etc/ssh/ssh_config
/etc/ssh/sshd_config

Regards

Steve2688