#1406 SSH Cipher Change
Closed: Fixed None Opened 14 years ago by mmcgrath.

Investigate if we should really change ciphers, if so do it as recommended:

http://www.openssh.com/txt/cbc.adv


Looking over cipher choices we should look at ones that are heavily 'tested' and look out for potential problems. Since this ticket was opened, we have the following items to look at:

CBC vs CTR is still an 'unknown' threat, though not a 0 day exploit.

AES-256 is weaker than AES-192 or AES-128 due to key scheduling weakness [0].

[0] http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

[1] http://blog.pgp.com/index.php/tag/aes/

[2] http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

According to the OpenSSH Security Advisory (http://www.openssh.com/txt/cbc.adv), the recommendation is to remove the CBC cipher and only allow CTR and arcfour.

I'll look into this. I just disabled SSLv2 a few days ago across most of our infrastructure (everything uses websites.conf.erb in puppet).

Oh, this is for SSH. I'll still look into what needs to be done, if you know, please let us know.

Apparently we need to add Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc to make the CTR and arcfour preferred, or perhaps we could remove the cbc ones altogether.

Comments?
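An added example, not part of the ticket: a small Python check that reads an sshd_config, finds the effective Ciphers directive, and reports whether CBC ciphers are still offered and whether they are listed after the CTR and arcfour entries. The sample config is constructed and the function names are hypothetical.

```python
import re

# Constructed sample: the Ciphers line proposed in the ticket, inside a
# made-up sshd_config excerpt.
SAMPLE_CONFIG = """\
# sshd_config excerpt (constructed for this example)
Protocol 2
#Ciphers aes128-cbc,3des-cbc
Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc
"""

def parse_ciphers(config_text):
    """Return the effective Ciphers list, or None if no directive is set.

    Keywords are case-insensitive, 'Ciphers=list' is accepted as well as
    'Ciphers list', and sshd keeps the first value it reads for a keyword.
    """
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(?i)ciphers(?:\s*=\s*|\s+)(\S.*)$", line)
        if m:
            return [c.strip() for c in m.group(1).split(",") if c.strip()]
    return None

def audit_ciphers(config_text):
    """Report on CBC exposure (hypothetical helper, not an OpenSSH tool)."""
    ciphers = parse_ciphers(config_text)
    if ciphers is None:
        # No explicit list: the package's built-in default order applies.
        return {"explicit": False, "cbc": [], "cbc_removed": None,
                "cbc_listed_last": None}
    cbc_idx = [i for i, c in enumerate(ciphers) if "-cbc" in c]
    other_idx = [i for i, c in enumerate(ciphers) if "-cbc" not in c]
    # Order check: every non-CBC entry is listed before the first CBC one.
    listed_last = bool(other_idx) and (not cbc_idx or min(cbc_idx) > max(other_idx))
    return {"explicit": True, "cbc": [ciphers[i] for i in cbc_idx],
            "cbc_removed": not cbc_idx, "cbc_listed_last": listed_last}

if __name__ == "__main__":
    for key, value in audit_ciphers(SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

In SSH key exchange the cipher chosen is the first entry in the client's list that the server also supports, so on a server `cbc_removed` is the result that decides whether CBC can still be negotiated.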

I just sent an email asking whether this will be addressed in a package update, so we can probably wait on this a little bit.

I made the change to the sshd_config file on Nov 21 to pt7. Smooge wanted to wait until after Thanksgiving to see if the changes had any adverse effects before pushing it out through Puppet.

Sorry for the delay on updating this - we have now picked up the new openssh packages which change the default cipher preference: http://rhn.redhat.com/errata/RHBA-2011-0018.html

Closing this ticket for now.
