From f059382b72ad81fe831499ab533fae36630eece7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Imm=C3=A1nuel!?= <21174107+immanuelfodor@users.noreply.github.com> Date: Sat, 6 Jun 2020 16:33:45 +0200 Subject: [PATCH] Add algo choice guide --- OPNsense-20.1.2-and-newer.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/OPNsense-20.1.2-and-newer.md b/OPNsense-20.1.2-and-newer.md index c8ffe50..51e85d5 100644 --- a/OPNsense-20.1.2-and-newer.md +++ b/OPNsense-20.1.2-and-newer.md 
@@ -40,8 +40,25 @@ opnsense-patch 1165119 service configd restart ``` -As there are no ordering in the chosen algorithms, advanced users that tune these settings should pick their choices to be the most hard that their SSH clients support. +As there is no ordering among the chosen algorithms, advanced users that tune these settings should pick their choices to be the most hard that their SSH clients support. ## OPNsense 20.7+ The new algorithm settings will be released with OPNsense 20.7 according to the above Github issue. If you have OPNsense 20.7 or newer, these settings should be available for you on the web interface out of the box. + +## How to choose algoritms? + +To find out what algorithms your `ssh` client supports, you can run these commands, this is similar to the way OPNsense gets the options to the algorithm chooser dropdowns: +- KexAlgorithms: `ssh -Q kex` +- Ciphers: `ssh -Q cipher` +- MACs: `ssh -Q mac` +- HostKeyAlgorithms: `ssh -Q key` + +A good starting point is to select the following options for maximum compatibility with the probability that your client won't use the strongest/fastest option. As the algorithms may differ in computation speed or in the provided level of security, and their applied order in the OPNsense SSH server's config is nondeterministic (limitation of the current UI kit, it can't take into account the order of the selection), what you'd preferably want is to choose the strongest algorithms that are supported on both ends of the connection, otherwise, you won't be able to SSH into OPNsense until you find the middle ground. 
+ +- KexAlgorithms: `curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256` +- Ciphers: `chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr` +- MACs: `hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com` +- HostKeyAlgorithms: `ssh-ed25519,ssh-ed25519-cert-v01@openssh.com` + +The ordering of the above algorithms represent the best-choice-first mentality, so if you select only the `*25519*` options for KEX and HostKey, and the first ones for the others, it's the best trade-off between speed and security. Otherwise, choose your own preferred algorithms depending on your use case or threat model. \ No newline at end of file
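Review bot: the new "How to choose" paragraph says the order in which OPNsense writes the selected algorithms into sshd_config is nondeterministic, but it never says what then decides the negotiated algorithm; in the SSH transport (RFC 4253 section 7.1) the client's preference list is walked first and the first entry the server also offers wins, so that should be stated explicitly, and it also makes the closing "best-choice-first" sentence a description of how to order the client's list, not the server's selection. Two related caveats in the same hunk: restricting HostKeyAlgorithms to `ssh-ed25519,ssh-ed25519-cert-v01@openssh.com` only works if sshd on the OPNsense box actually has an Ed25519 host key loaded, otherwise every client fails with no matching host key type, so the text should tell the reader to confirm that key exists before saving; and because a mismatch here costs SSH access (the paragraph already warns about this), suggest keeping an existing SSH session or console access open while the new selection is tested. Typos: `algoritms` in the `## How to choose algoritms?` heading, "the most hard" on the `+As there is no ordering` line (hardest/strongest), and "represent" should be "represents" in the last sentence.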