SSH: do not send spoofable TCP keep alive messages

By default, both SSH server and client rely on TCP-based keep alive
messages to detect broken sessions, which can be spoofed rather easily
in order to keep a broken session opened (and vice versa).

Since we rely on SSH-based keep alive messages, which are not vulnerable
to this kind of tampering, there is no need to double-check connections
via TCP keep alive as well.

This patch thereof disables using TCP keep alive for both SSH client and
server scenario. For usability reasons, a timeout of 5 minutes (10
seconds * 30 keep alive messages = 300 seconds) will be used for both
client and server configuration, as 60 seconds were found to be too
short for unstable connectivity scenarios.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/config/ssh/ssh_config b/config/ssh/ssh_config
index ee0954d5c92a4807ddf38b1b2cd2c9e4c7867c64..85c069ddae4692a3b4225f793544d572b01190ac 100644 (file)
--- a/config/ssh/ssh_config
+++ b/config/ssh/ssh_config
@@ -5,7 +5,7 @@
 
 # Set some basic hardening options for all connections
 Host *
-        # Disable Roaming as it is known to be vulnerable
+        # Disable undocumented roaming feature as it is known to be vulnerable
         UseRoaming no
 
         # Only use secure crypto algorithms
@@ -13,15 +13,19 @@ Host *
         Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
         MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
 
-        # Always visualise server host keys (but helps to identify key based MITM attacks)
+        # Always visualise server host keys (helps to identify key based MITM attacks)
         VisualHostKey yes
 
         # Use SSHFP (might work on some up-to-date networks) to look up host keys
         VerifyHostKeyDNS yes
 
-        # send keep-alive messages to connected server to avoid broken connections
+        # Send SSH-based keep alive messages to connected server to avoid broken connections
         ServerAliveInterval 10
-        ServerAliveCountMax 6
+        ServerAliveCountMax 30
+
+       # Disable TCP keep alive messages since they can be spoofed and we have SSH-based
+       # keep alive messages enabled; there is no need to do things twice here
+       TCPKeepAlive no
 
         # Ensure only allowed authentication methods are used
         PreferredAuthentications publickey,keyboard-interactive,password

diff --git a/config/ssh/sshd_config b/config/ssh/sshd_config
index 4565565403caf08c49f01a1b2f8e18c68ed206b2..76c9b3eb1cdd046950ad095c81dc34a46d2f4185 100644 (file)
--- a/config/ssh/sshd_config
+++ b/config/ssh/sshd_config
@@ -46,11 +46,13 @@ AllowTcpForwarding no
 AllowAgentForwarding no
 PermitOpen none
 
-# Detect broken sessions by sending keep-alive messages to clients via SSH connection
+# Send SSH-based keep alive messages to connected clients to avoid broken connections
 ClientAliveInterval 10
+ClientAliveCountMax 30
 
-# Close unresponsive SSH sessions which fail to answer keep-alive
-ClientAliveCountMax 6
+# Since TCP keep alive messages can be spoofed and we have the SSH-based already,
+# there is no need for this to be enabled as well
+TCPKeepAlive no
 
 # Add support for SFTP
 Subsystem      sftp    /usr/lib/openssh/sftp-server