Friday, February 24, 2017

Securing Mac OSX 10.12.6 Sierra's OpenSSH Server / Client

I was tasked with a more formal chore of securing a few other alternate systems so I thought I'd look at what OSX 10.12.6 has done in the way of OpenSSH versioning as well as its default configuration.  I was impressed, it's actually not bad!  In fact, as if it weren't obvious, I'm a huge fan (and supporter) of OpenBSD's efforts.  Note that the version compiled in 10.12.6 is actually utilizing OpenBSD's LibreSSL instead of OpenSSL 1.x.bug.ridden.rubbish.  I'm not sure when this happened, but that's a very progressive decision for such a huge vendor to make.  As of this writing, the latest version of OpenSSH is 7.5p1 -- OSX Sierra is at 7.4p1 - well done, Apple!

A few commands to get started that are important.

To get the entire default configuration:

qmp:~ root# sshd -T


To get the ssh (and sshd) version:

qmp:~ root# ssh -V
OpenSSH_7.4p1, LibreSSL 2.5.0

To get the supported cipher list:

qmp:~ root# ssh -Q cipher
3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

To get the supported key exchange algorithms:

qmp:~ root# ssh -Q kex
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org

To get the supported MACs:

qmp:~ root# ssh -Q mac 
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
hmac-ripemd160
hmac-ripemd160@openssh.com
umac-64@openssh.com
umac-128@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
hmac-ripemd160-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com

Here is my suggested configuration as of this writing if you plan to continue using keyboard/password authentication, but ideally you should be using public/private keys and set 'passwordauthentication no'.  This is a STRICT configuration that will likely decline most older clients.  You've been advised!

qmp:~ root# cat /etc/ssh/sshd_config

port 22
protocol 2
addressfamily inet
listenaddress 127.0.0.1:22
usepam yes
serverkeybits 2048
logingracetime 30
keyregenerationinterval 3600
x11displayoffset 10
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin no
ignorerhosts yes
ignoreuserknownhosts no
rhostsrsaauthentication no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
rsaauthentication no
pubkeyauthentication yes
kerberosauthentication no
kerberosorlocalpasswd yes
kerberosticketcleanup yes
gssapiauthentication no
gssapicleanupcredentials yes
passwordauthentication yes
kbdinteractiveauthentication yes
challengeresponseauthentication yes
printmotd yes
printlastlog yes
x11forwarding no
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
permituserenvironment no
uselogin no
compression delayed
gatewayports no
usedns no
allowtcpforwarding no
allowagentforwarding no
allowstreamlocalforwarding no
streamlocalbindunlink no
useprivilegeseparation sandbox
fingerprinthash SHA512
pidfile /var/run/sshd.pid
xauthlocation xauth
ciphers chacha20-poly1305@openssh.com
macs hmac-sha2-512-etm@openssh.com
versionaddendum none
kexalgorithms curve25519-sha256@libssh.org
hostbasedacceptedkeytypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519
hostkeyalgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519
pubkeyacceptedkeytypes ssh-ed25519-cert-v01@openssh.com,ssh-ed25519
loglevel INFO
syslogfacility AUTH
authorizedkeysfile .ssh/authorized_keys
hostkey /etc/ssh/ssh_host_ed25519_key
acceptenv LANG
acceptenv LC_*
authenticationmethods any
subsystem sftp /usr/libexec/sftp-server
maxstartups 10:30:100
permittunnel no
ipqos lowdelay throughput
rekeylimit 0 0
permitopen 127.0.0.1:1

If you're going to use the AES128-GCM@OPENSSH.COM and AES256-GCM@OPENSSH.COM ciphers, you might consider filtering your /etc/ssh/moduli to remove anything < 4095 bits. You'll be left with about 118 entries.

Happy hardening!

Monday, February 13, 2017

OpenBSD 6.1 L2TP over IPSEC VPN - Android 6.0.1, IOS, OS X Sierra, Windows {x,y.z}



Here's exactly what's required to make OpenBSD 6.1 act as a L2TP over IPSEC server, since I've been asked about a thousand times... or twice, whatever.

Edit /etc/ipsec.conf:

wan_ipv4 = 172.16.172.16
ike passive esp transport \
  proto udp from $wan_ipv4 to any port 1701 \
  main auth "hmac-sha2-256" enc "aes-256" group modp1024 \
  quick auth "hmac-sha2-256" enc "aes-256" group modp1024 \
  psk "4de16a6f8fff9b311a18de90868f7808"


That's a pretty nasty PSK to bang out on a mobile, but you get the idea. Set your external IP accordingly.



Assuming you'll be forwarding via pf.conf, edit /etc/sysctl.conf:

net.inet.ip.forwarding=1
net.inet.ipcomp.enable=1
net.pipex.enable=1


If you don't plan to reboot to ensure that changes will survive with some persistence, you'll need to manually sysctl the above entries if you haven't done so already.



Add a user to /etc/npppd/npppd-users:

mickeymouse:\
:password=81bc62b1d74cfdd523f89a0e15d7753ef936bd1f:




Edit /etc/npppd/npppd.conf for your network configuration:

authentication LOCAL type local {
users-file "/etc/npppd/npppd-users"
}

tunnel L2TP protocol l2tp {
listen on 0.0.0.0
listen on ::
}

ipcp IPCP {
pool-address 172.16.173.2-172.16.173.254
dns-servers 8.8.8.8
}

interface pppx0 address 172.16.173.1 ipcp IPCP

bind tunnel from L2TP authenticated by LOCAL to pppx0




Edit /etc/rc.conf.local to ensure the respective daemons start at boot:

isakmpd_flags=""
ipsec=YES
ipsec_rules=/etc/ipsec.conf
npppd_flags=""



Edit /etc/isakmpd/isakmpd.policy to workaround Android 6.0.1 SHA stupidities:

Authorizer: "POLICY"
Comment: This is test
Licensees: "passphrase:4de16a6f8fff9b311a18de90868f7808"
conditions: app_domain == "IPsec policy" && doi == "ipsec" && esp_present == "yes" && (esp_auth_alg == "hmac-md5" || esp_auth_alg == "hmac-sha") -> "true";


Be sure the passphrase: matches what's in /etc/ipsec.conf!



Lastly, set permissions and fire up the respective daemons:

# chmod 600 /etc/isakmpd/isakmpd.policy /etc/ipsec.conf /etc/npppd/npppd-users /etc/npppd/npppd.conf
# /sbin/isakmpd
# /sbin/ipsecctl -f /etc/ipsec.conf
# /usr/sbin/npppd

The rest is simply configuring the settings in your Android/IOS phone, OSX or Windows.


Enjoy!

Upgrading iLO3 Firmware on HP DL380 G7 1.88



Just a few notes while upgrading my DL360, DL380, or DL580 G7 to the latest iLO3 firmware, 1.88 as of this writing..
  1. HP, if you're listening, simply make the .bin file available, i.e. ilo3_188.bin, for upgrade; do we really have to unzip the .exe file to extract it from your archive?
  2. Disable the HP post logo in the BIOS, life will be easier to configure iLO from there.
  3. You can't upgrade from iLO3 to iLO4 on a G7.. yet.
  4. If your version of iLO3 is prior to 1.28, you must upgrade to 1.28 before moving to 1.88!
  5. If you'd like to ssh (using their horribly insecure hostkey, kex, cipher and mac - lol) into your iLO3 server, try the following command:

ssh -o HostKeyAlgorithms=ssh-dss -o KexAlgorithms=diffie-hellman-group14-sha1 -o Ciphers=aes128-ctr -o MACs=hmac-sha1 username@your_ilo_ip


That's all for now!

Follow-up, shasums for the relevant files: the cp029101.exe is the x64 version, both contain the same ilo3_188.bin, grab it from the following url (if that still works). For whatever it's worth, as of 08/12/2017, version 1.88 is still the latest version of ilo3 for the HP Proliant G7 series.

http://h20564.www2.hpe.com/hpsc/swd/public/detail?sp4ts.oid=4091432&swItemId=MTX_3ef65d13406a41de97e6a75a3c&swEnvOid=4168


$ shasum -a 256 *
f417ba0f624ef7fdd8ee5f2db7101c719618f3c7bc5e6b2b2b8f863c5b35d12f  cp029100.exe
fb87e8c72c23d040a78f4c42b84612913d35c1cb6edc9668ff3236a3197d3b74  cp029101.exe
$ unzip cp029100.exe ilo*.bin
Archive:  cp029100.exe
  inflating: ilo3_188.bin            
$ shasum -a 256 *
f417ba0f624ef7fdd8ee5f2db7101c719618f3c7bc5e6b2b2b8f863c5b35d12f  cp029100.exe
fb87e8c72c23d040a78f4c42b84612913d35c1cb6edc9668ff3236a3197d3b74  cp029101.exe
145f6042eecdb50df27bbd4484ad9228808a2206c94097b5d83e8018532250b9  ilo3_188.bin

A few good sites to find firmware files: 
http://pingtool.org/latest-hp-ilo-firmwares/
https://github.com/seveas/python-hpilo/blob/master/firmware.conf