[CVE-2023-48795] Terrapin: openssh vulnerable in SFOS 4.5 and below

REPRODUCIBILITY: 100%
OS VERSION: 4.5.0.25 and below, fixed in 4.6 and higher
HARDWARE: any
UI LANGUAGE: any
REGRESSION: no

DESCRIPTION:

It has been confirmed that this issue is fixed in the upcoming Sailfish OS 4.6 release, “Sauna”.

Older Sailfish OS ships with OpenSSH version 8.8p1, which is vulnerable to a certain attack called Terrapin.

See https://terrapin-attack.com/ for details.

(Read it thoroughly, especially the first entry in the FAQ. → Don’t panic.)

PRECONDITIONS:

Stock install of OpenSSH on any Sailfish OS phone.

STEPS TO REPRODUCE:

See the website link above. Using their vulnerability scanner one gets something like this output when running on a SFOS phone:

 ./Terrapin_Scanner_Linux_aarch64 -connect localhost:22
================================================================================
==================================== Report ====================================
================================================================================

Remote Banner: SSH-2.0-OpenSSH_8.8

ChaCha20-Poly1305 support:   true
CBC-EtM support:             false

Strict key exchange support: false

The scanned peer is VULNERABLE to Terrapin.

Note: This tool is provided as is, with no warranty whatsoever. It determines
      the vulnerability of a peer by checking the supported algorithms and
      support for strict key exchange. It may falsely claim a peer to be
      vulnerable if the vendor supports countermeasures other than strict key
      exchange.

For more details visit our website available at https://terrapin-attack.com

EXPECTED RESULT:

n/a

ACTUAL RESULT:

n/a

MODIFICATIONS:

n/a

ADDITIONAL INFORMATION:

On Sailfish OS GitHub, PR#4 was merged, which upgrades OpenSSH to version 9.6p1 which should not be affected.

Therefore there is reason to believe that It has been confirmed that this issue is already fixed in the upcoming Sailfish OS 4.6 release, “Sauna”.

7 Likes

Users of affected releases can:

  • either compile and install an unaffected version from the mentioned tag on github
  • or apply the following modifications on their system:
# open a Terminal or ssh session (heh!)
# become root
devel-su
# add config lines to ssh server config:
printf '\n# disable ChaCha20-Poly1305 to avoid Terrapin\nCiphers -chacha20-poly1305@openssh.com\n' >> /etc/ssh/sshd_config
systemctl restart sshd
# add config lines to ssh client config:
printf '\n# disable ChaCha20-Poly1305 to avoid Terrapin\nCiphers -chacha20-poly1305@openssh.com\n' >> /etc/ssh/ssh_config

Or, less cryptically, open /etc/ssh/sshd_config and look for this section:

# Disable weak algorithms
KexAlgorithms -diffie-hellman-group14-sha1
MACs -hmac-sha1,hmac-sha1-etm@openssh.com

Add a comment and a line disabling chacha20-poly1305:

# Disable weak algorithms
KexAlgorithms -diffie-hellman-group14-sha1
MACs -hmac-sha1,hmac-sha1-etm@openssh.com
# disable ChaCha20-Poly1305 to avoid Terrapin
Ciphers -chacha20-poly1305@openssh.com

Do the same for /etc/ssh/ssh_config, although it does not have that specific section, so just put it anywhere.


More details and a potential optimization can be found e.g. in this thread:

6 Likes

careful not to edit ONLY ssh_config but sshd_config … I just, err, cough cough, did that.

1 Like

No actually it’s fine, you should modify both. The comment has been updated now.

1 Like

Just updated mine to note that you should actually edit both. My fault was to edit only the CLIENT config.

Done, rebooted, still works. :+1:

Thanks.

1 Like

The upcoming OS release 4.6.0 has openssh v. 9.6p1. This version prevents the vulnerability CVE-2023-48795.

5 Likes

Thanks for confirming, I have updated the text above.