Google Git
Sign in
gerrit / gerrit / cc03e8a3a82ef6fea4290e89b11a6da9c4904c34^! / .
commitcc03e8a3a82ef6fea4290e89b11a6da9c4904c34[log] [tgz]
authorGert van Dijk <gertvdijk@gmail.com>Mon Oct 23 23:45:24 2017 +0200
committerGert van Dijk <gertvdijk@gmail.com>Tue Oct 24 01:32:49 2017 +0200
treeeca17b27d15295ff3f988b998ba441aa7cd4acdb
parent4142f2d949aee711b778f281ca1476ac18fa4389 [diff]
Documentation: List all ciphers/MACs available and add some recommendations

Some ciphers were missing (AES-CTR modes, RC4). These were already
available with at least 1.0.0 of Apache MINA SSHD. It's a shame we didn't
list them all; AES-CTR modes are the strongest ones Gerrit can offer!

I've added some recommendations to mitigate at least the worst of the
attacks. I guess we should consider to adapt our defaults to more modern
standards (see Issue 7534).

I did not add recommendations for the MACs section deliberately. Despite
the fact that MD5 and SHA1 are considered broken, HMAC-MD5/HMAC-SHA1 are
not weak in the same way.

Change-Id: Iab6f51ec1d103714283724962f64d4a125ed4aaa

diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt
index 6e371f7..f20a0c2 100644
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt

@@ -4153,10 +4153,24 @@
 to the default ciphers, cipher names starting with `-` are removed
 from the default cipher set.
 +
-Supported ciphers: `aes128-cbc`, `aes128-cbc`, `aes256-cbc`, `blowfish-cbc`,
-`3des-cbc`, `none`.
+Supported ciphers:
++
+* `aes128-ctr`
+* `aes192-ctr`
+* `aes256-ctr`
+* `aes128-cbc`
+* `aes192-cbc`
+* `aes256-cbc`
+* `blowfish-cbc`
+* `3des-cbc`
+* `arcfour128`
+* `arcfour256`
+* `none`
 +
 By default, all supported ciphers except `none` are available.
++
+If your setup allows for it, it's recommended to disable all ciphers except
+the AES-CTR modes.
 
 [[sshd.mac]]sshd.mac::
 +
@@ -4166,8 +4180,14 @@
 are enabled in addition to the default MACs, MAC names starting with
 `-` are removed from the default MACs.
 +
-Supported MACs: `hmac-md5`, `hmac-md5-96`, `hmac-sha1`, `hmac-sha1-96`,
-`hmac-sha2-256`, `hmac-sha2-512`.
+Supported MACs:
++
+* `hmac-md5`
+* `hmac-md5-96`
+* `hmac-sha1`
+* `hmac-sha1-96`
+* `hmac-sha2-256`
+* `hmac-sha2-512`
 +
 By default, all supported MACs are available.
 
@@ -4203,6 +4223,11 @@
 By default, all supported key exchange algorithms are available.
 Without Bouncy Castle, `diffie-hellman-group1-sha1` is the only
 available algorithm.
+
+It is strongly recommended to disable at least `diffie-hellman-group1-sha1`
+as it's known to be vulnerable (logjam attack). Additionally, if your setup
+allows for it, it is recommended to disable the remaining two `sha1` key
+exchange algorithms.
 --
 
 [[sshd.kerberosKeytab]]sshd.kerberosKeytab::