I went to
https://terrapin-attack.com/ and downloaded their vulerability scanner. Slackware 15.0 is vulnerable, Slackware-current is able to mitigate the weakness. But note that a connection set up by a vulnerable client towards a secured SSH server is still vulnerable to a Terrapin attack.
Anyway, the above page also states what you have to
remove but is not specific on how to do that:
Code:
disabling the affected chacha20-poly1305@openssh.com encryption and -etm@openssh.com MAC algorithms in the configuration of your SSH server (or client),
and use unaffected algorithms like AES-GCM instead.
Now look at what the sshd in Slackware 15.0 supports:
Code:
# sshd -T |grep -i cipher
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
# sshd -T |grep -i mac
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
Compare that to slackware-current:
Code:
# sshd -T |grep -i cipher
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
# sshd -T |grep -i mac
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
So they both look vulnerable, but the difference is what the vulnerability scanner reports about "Strict key exchange support" which is "true" for Slackware-current but "false" for Slackware 15.0:
Code:
ChaCha20-Poly1305 support: true
CBC-EtM support: false
Strict key exchange support: false
The scanned peer is VULNERABLE to Terrapin.
If you want to mitigate your Slackware 15.0 server, then add two lines specifying the Ciphers and MACs your server should support. The values I extracted with "sshd -T" are the built-in defaults.
As an example, add this to the end of /etc/sshd/sshd_config (I simply removed the vulnerable Ciphers and MACs):
Code:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
MACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
Validate the changes you made with "sshd -t".
And then run "/etc/rc.d/rc.sshd restart".
Note that old ssh clients will probably no longer be able to connect to your SSH server now.