Issues with OpenSSH Algorithms on IBM i OS 6.1, 7.1, and 7.2 (August 2018)

If SSH/SFTP/SCP connections that used to work suddenly start failing with error messages about no matching cipher, the most likely cause is this: the partner SSH server or client on the connection is running a very old version of the SSH/OpenSSH code, and OpenSSH on the IBM i was upgraded (knowingly or unknowingly).

On IBM i OS 6.1, 7.1, and 7.2, OpenSSH shipped at release 6.6p1. Beginning with OpenSSH 6.7, the default set of ciphers was changed to drop unsafe algorithms. The following PTFs, or the PTFs that supersede them, upgrade OpenSSH on the IBM i from the earlier release to 6.9p1:

  • R610 – SI57920
  • R710 – SI57762
  • R720 – SI57771

If you have applied the appropriate PTF above for your IBM i OS release, whether individually or as part of a group or cumulative PTF package (7.1 and 7.2), your OpenSSH was upgraded to release 6.9p1. The upgrade to OpenSSH 6.9p1 was necessary to fix several published CVEs in the OpenSSH code and to maintain PCI compliance. To list every algorithm the installed OpenSSH supports (a larger set than the defaults it enables), run the following from QSH or CALL QP2TERM:

  • ssh -Q cipher
  • ssh -Q mac
  • ssh -Q kex

To resolve this issue after you have upgraded your OpenSSH to release 6.9p1, do one of the following:

  1. Have the partner upgrade their SSH client/server to a version that uses the safe algorithms in the default lists below (the preferred fix).
  2. Modify the appropriate OpenSSH configuration file on the IBM i to add back only the unsafe algorithms the partner SSH server or client requires.

If the IBM i is the SSH server, modify/edit the sshd_config file; if the IBM i is the SSH client, modify/edit the ssh_config file. The configuration files are found in the following locations per release:

  • V6R1 – /QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-3.8.1p1/etc/
  • V7R1 – /QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/
  • V7R2+ – /QOpenSys/QIBM/UserData/SC1/OpenSSH/etc
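The following script is an added example, not code from the original page or from IBM. It works through step 2 above: it takes the locally supported algorithms (the output of `ssh -Q cipher`, constructed here so the script runs offline), the OpenSSH 6.9p1 default cipher list quoted on this page, and the list a legacy partner offers, and it emits the explicit `Ciphers` line for sshd_config or ssh_config that keeps the defaults first and re-enables only what the partner needs and the local build still supports. The same `legacy_line` function serves `MACs` and `KexAlgorithms` with the output of `ssh -Q mac` and `ssh -Q kex`. The partner's list and the `ssh -Q` output are assumptions for the demo; on the IBM i replace them with the real values.

```shell
#!/bin/sh
# Added example, not code from the original page or from IBM.
# Builds an explicit Ciphers/MACs/KexAlgorithms line for sshd_config (IBM i
# as server) or ssh_config (IBM i as client): OpenSSH 6.9p1 defaults first,
# then only the legacy algorithms the partner offers AND the local build
# supports. Lists are spelled out in full; the "+" append syntax is
# deliberately not relied on for 6.9p1.

# "ssh -Q cipher" output, CONSTRUCTED here so the script runs offline.
# On the IBM i use:  LOCAL_CIPHERS=$(ssh -Q cipher)
LOCAL_CIPHERS="3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com"

# OpenSSH 6.9p1 default cipher list, as quoted on this page.
DEFAULT_CIPHERS="chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com"

# in_list NAME COMMA_LIST -> exit 0 when NAME is one element of the list.
in_list() {
    case ",$2," in
        *",$1,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# common_algos OURS_LIST THEIRS_LIST (both comma separated)
# Prints the algorithms both sides accept, in OURS order (the order the
# server honours). Empty output is exactly the "no matching cipher found"
# failure described above.
common_algos() {
    out=""
    IFS=','
    for a in $1; do
        if in_list "$a" "$2"; then
            out="${out:+$out,}$a"
        fi
    done
    unset IFS
    printf '%s' "$out"
}

# legacy_line KEYWORD DEFAULT_LIST LOCAL_LIST PARTNER_LIST
# Emits "KEYWORD default,...,legacy,..." for the config file: the defaults
# first, then only those partner algorithms that the local build supports
# and that are not already defaults. LOCAL_LIST may be newline separated
# (raw "ssh -Q" output) or comma separated.
legacy_line() {
    local_csv=$(printf '%s' "$3" | tr '\n' ',')
    extra=""
    IFS=','
    for a in $4; do
        if in_list "$a" "$local_csv" && ! in_list "$a" "$2"; then
            extra="${extra:+$extra,}$a"
        fi
    done
    unset IFS
    printf '%s %s%s\n' "$1" "$2" "${extra:+,$extra}"
}

# Constructed example: an old partner client that only offers CBC and
# arcfour ciphers, which an OpenSSH 6.7+ default set refuses.
PARTNER_CIPHERS="aes128-cbc,3des-cbc,arcfour"

if [ -z "$(common_algos "$DEFAULT_CIPHERS" "$PARTNER_CIPHERS")" ]; then
    echo "# defaults share no cipher with the partner; add this to the config:"
    legacy_line Ciphers "$DEFAULT_CIPHERS" "$LOCAL_CIPHERS" "$PARTNER_CIPHERS"
else
    echo "# defaults already negotiate; no config change needed"
fi
```

Keeping the defaults at the front of the line matters: the server picks the first algorithm in its own list that the client also offers, so a modern partner still negotiates a modern cipher and only the legacy partner falls through to the CBC or arcfour entries. Remove those entries again once the partner upgrades, and remember that a running sshd does not re-read sshd_config; restart it after editing.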

Environment

OpenSSH 6.9p1 enables the following algorithms by default. This information is taken from the OpenSSH manual page for sshd_config. Anything that ssh -Q reports but that is absent from these lists (the CBC ciphers and arcfour, for example) is still supported by the build but disabled by default; those are the algorithms step 2 above adds back.

Ciphers
chacha20-poly1305@openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
aes128-gcm@openssh.com,aes256-gcm@openssh.com

MACs
umac-64-etm@openssh.com,umac-128-etm@openssh.com,
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
umac-64@openssh.com,umac-128@openssh.com,
hmac-sha2-256,hmac-sha2-512

KexAlgorithms
curve25519-sha256@libssh.org,
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group14-sha1
