Using modern SSHD config to reduce bruteforce attacks
I recently hardened my SSHD config file to use only modern settings. Initially I set up
HostKeyAlgorithms ssh-ed25519,ssh-rsa
KexAlgorithms firstname.lastname@example.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
Ciphers email@example.com,firstname.lastname@example.org,email@example.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs firstname.lastname@example.org,email@example.com,firstname.lastname@example.org,hmac-sha2-512,hmac-sha2-256,email@example.com
After a while I noticed a drop in SSH brute force attacks, since many bots use older versions of SSH libraries.
For example, my logs started popping up with
Unable to negotiate with x.x.x.x port 53177: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
So I decided to limit the choices even further using
# Only use Ed25519 host key
HostKeyAlgorithms ssh-ed25519
KexAlgorithms curve25519-sha256@libssh.org
Ciphers chacha20-poly1305@openssh.com
# Strictly not needed since Poly1305 MAC is used when CHACHA20 cipher is selected.
MACs firstname.lastname@example.org,email@example.com,firstname.lastname@example.org
This config forces the use of the ChaCha20 cipher with the Poly1305 MAC, X25519 key exchange and the Ed25519 host key. Whether to also enable the AES256-CTR cipher is debatable, since it is accelerated on many platforms, but in my case it really doesn’t matter.
These settings require a modern SSH client (OpenSSH 6.5 (released in 2014) or PuTTY 0.68 (released in 2017)).
After the changes the bots don’t even attempt to log in since they don’t support the modern SSHD config:
Received disconnect from x.x.x.x port 56837:11: [preauth]
Disconnected from x.x.x.x port 56837 [preauth]
But in the end it might be a bit useless since only publickey authentication is enabled on the server and it stops all brute force attempts.
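To see who the stricter config is turning away, the "Unable to negotiate" lines quoted above can be summarized per source and per failed setting. The script below is an added example, not part of the original post; the sample log lines, the documentation IP addresses and the LEGACY_MARKERS list are constructed assumptions.

```python
import re
from collections import Counter

# Matches sshd's negotiation-failure message in the form quoted on this page.
NEGOTIATE_RE = re.compile(
    r"Unable to negotiate with (?P<ip>\S+) port \d+: "
    r"no matching (?P<kind>.+?) found\. Their offer: (?P<offer>\S+)"
)
# Assumption: substrings that mark an algorithm as legacy for this report.
LEGACY_MARKERS = ("sha1", "md5", "cbc", "arcfour", "3des")

# Constructed sample log lines (documentation IP addresses, not real traffic).
SAMPLE_LOG = [
    "sshd[811]: Unable to negotiate with 192.0.2.10 port 53177: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]",
    "sshd[812]: Unable to negotiate with 192.0.2.10 port 53190: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]",
    "sshd[813]: Unable to negotiate with 198.51.100.7 port 40112: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 [preauth]",
    "sshd[814]: Unable to negotiate with 203.0.113.5 port 51000: no matching cipher found. Their offer: aes128-cbc,3des-cbc [preauth]",
    "sshd[815]: Disconnected from 192.0.2.10 port 56837 [preauth]",
]

def is_legacy(algorithm):
    """True if the algorithm name contains one of the legacy markers."""
    return any(marker in algorithm for marker in LEGACY_MARKERS)

def summarize(lines):
    """Return (rejections per IP, rejections per kind, IPs worth a manual look)."""
    per_ip, per_kind, review = Counter(), Counter(), set()
    for line in lines:
        m = NEGOTIATE_RE.search(line)
        if not m:
            continue  # other sshd messages are ignored
        per_ip[m["ip"]] += 1
        per_kind[m["kind"]] += 1
        # A client that also offered non-legacy algorithms may be a real but
        # older client locked out by the strict config, not an outdated bot.
        if not all(is_legacy(a) for a in m["offer"].split(",")):
            review.add(m["ip"])
    return per_ip, per_kind, sorted(review)

if __name__ == "__main__":
    per_ip, per_kind, review = summarize(SAMPLE_LOG)
    print("rejections per source:", dict(per_ip))
    print("rejections per kind:", dict(per_kind))
    print("offered modern algorithms, review:", review)
```

Sources in the review list offered at least one non-legacy algorithm, so they are the ones to check before assuming every rejected connection was a bot.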