2

After updating several of my web servers last night we are now unable to connect to them with FileZilla SFTP client. Here's the FileZilla log:

2017-08-09 16:26:54 7294 3 Status: Connecting to my.rhel74.server...
2017-08-09 16:26:54 7294 3 Response: fzSftp started
2017-08-09 16:26:54 7294 3 Command: keyfile "/home/acoder/.ssh/fz"
2017-08-09 16:26:54 7294 3 Command: open "[email protected]" 22
2017-08-09 16:26:54 7294 3 Error: Server unexpectedly closed network connection
2017-08-09 16:26:54 7294 3 Error: Could not connect to server
2017-08-09 16:26:54 7294 3 Status: Waiting to retry...
2017-08-09 16:26:59 7294 3 Status: Connecting to my.rhel74.server...
2017-08-09 16:26:59 7294 3 Response: fzSftp started
2017-08-09 16:26:59 7294 3 Command: keyfile "/home/acoder/.ssh/fz"
2017-08-09 16:26:59 7294 3 Command: open "[email protected]" 22
2017-08-09 16:27:00 7294 3 Error: Server unexpectedly closed network connection
2017-08-09 16:27:00 7294 3 Error: Could not connect to server

Checking the server's error log I find:

Aug 9 17:05:45 rhel74server sshd[5278]: FIPS mode initialized

Aug 9 17:05:45 rhel74server sshd[5278]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server hmac-sha2-512,hmac-sha2-256 [preauth]

Here is the server's ssh config: 

# /etc/ssh/sshd_config
Protocol 2
KexAlgorithms diffie-hellman-group-exchange-sha256
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512,hmac-sha2-256

We are required to run those Ciphers and MACs, so changing or adding any is problematic. The above config worked OK until the server OS was updated from RHEL 7.3 to 7.4 a day ago.

Here are the MACs my local system uses:

user@linux-mint ~ $ nmap --script ssh2-enum-algos -sV -p 22 rhel74server

Starting Nmap 6.40 ( http://nmap.org ) at 2017-08-10 14:42 EDT
Nmap scan report for rhel74server (170.140.203.50)
Host is up (0.0026s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh2-enum-algos: 
|   kex_algorithms (1)
|       diffie-hellman-group-exchange-sha256
|   server_host_key_algorithms (3)
|       ssh-rsa
|       rsa-sha2-512
|       rsa-sha2-256
|   encryption_algorithms (3)
|       aes256-ctr
|       aes192-ctr
|       aes128-ctr
|   mac_algorithms (2)
|       hmac-sha2-512
|       hmac-sha2-256
|   compression_algorithms (2)
|       none
|_      [email protected]

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.38 seconds
user@linux-mint ~ $

The server MACs in use are hmac-sha2-512 and hmac-sha2-256, which matches what the client OS is using.

Filezilla appears to ignore what my client OS has configured and is sending the following MACs to the server:

fatal: no matching mac found: client
hmac-sha1,
hmac-sha1-96,
hmac-md5

I'm on the latest build of FileZilla (3.27.0.1).

Any clues on what else I might try to get this working again?

a coder
  • 3,184
  • 9
  • 42
  • 63
  • Do you have backup's of the config? Cross check the backup configs, of they are all same, check the changelogs. If that does not seem to have an answer. Submit a bug? – Hunter.S.Thompson Aug 09 '17 at 21:15
  • No changes to uncommented lines. The version info changed at the top but nothing else was pulled form the new file. – a coder Aug 09 '17 at 21:54

1 Answers1

0

Deprecated feature due to its inherent lack of security !

In your example, can see that the client is offering:

  • hmac-sha1
  • hmac-sha1-96
  • hmac-md5

But your server is only offering

  • hmac-sha2-512
  • hmac-sha2-256

So no match found. Likely that prior to upgrade the server happily offered hmac-sha1.

Deprecation of insecure algorithms

Following up with Deprecation of Insecure Algorithms in RHEL 6.9, legacy algorithms that potentially pose a more serious threats to deployments are being disabled. That, in RHEL 7.4, affects the RC4 ciphers, as well as MD5, RIPE-MD160, and truncated SHA-1 MACs on both client and server side. The ciphers Blowfish, Cast128, and 3DES were removed from the default set of algorithms accepted by the client but are still supported in the server.

If these algorithms are still needed for interoperability with legacy servers or clients, they can be enabled on a per-host basis as described in the upstream documentation. The following example describes how to enable 3des-cbc cipher in a client:

Host legacy.example.org
  Ciphers +3des-cbc

Another example, enabling hmac-md5 in a server for legacy.example.org client:

Match Host legacy.example.org
  MACs +hmac-md5
steve
  • 21,582
  • 5
  • 48
  • 75
  • My server's sshd Ciphers and MACs config is above. We do not use SHA-1 and I'm not seeing Blowfish, Cast128 or 3DES in my server's config. Is there something I am overlooking in your answer to my question? – a coder Aug 09 '17 at 21:37
  • I actually have backups of the sshd_config before the 7.4 update. `hmac-sha1` is not there. I removed all `sha1` ciphers and macs a year ago. Filezilla was working fine with 7.3 with the ciphers and macs in my question. – a coder Aug 10 '17 at 18:08
  • I hate to give downvotes, but have to based on this erroneous information: `Likely that prior to upgrade the server happily offered hmac-sha1.` – a coder Aug 10 '17 at 18:14
  • Were you in FIPS mode prior to upgrade ? – steve Aug 10 '17 at 18:21
  • Yes. I've run FIPS since we updated to RHEL 7.1 over 2 years ago. – a coder Aug 10 '17 at 18:22
  • 2
    Could it be that you changed your configuration in sshd_config, but did not restart the sshd service ever since? Your filezilla looks like very outdated or badly configured since it is offering only these ancient MACs. If you had this configuration before, there was nothing changed by this update. If you want to verify it, just downgrade the package and verify it will not work either. – Jakuje Aug 11 '17 at 09:11