Closed cpellitt closed 7 years ago
Will update this over Christmas.
Just some FYIs.
I cannot find a definition anywhere for CCE-27295-5.
Nessus complains about CBC use in plugin 70658 citing CVE-2008-5161.
GCM ciphers are not available in SSH on RHEL 7.4 in FIPS mode:
```
[ggapinsk@gr2380-dra-d5425wyk ~]$ ssh -V -q cipher
OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013
[ggapinsk@gr2380-dra-d5425wyk ~]$ sysctl crypto.fips_enabled
crypto.fips_enabled = 1
[ggapinsk@gr2380-dra-d5425wyk ~]$ ssh -Q cipher
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
[ggapinsk@gr2380-dra-d5425wyk ~]$
```
GCM ciphers used to be allowed in FIPS mode, but it seems that was a bug. https://bugzilla.redhat.com/show_bug.cgi?id=1420910
This issue was created for rules that existed prior to the RHEL 7 STIG release, and no longer applies to the current rules.
CCE-27295-5 configures SSH to use only aes128-ctr, aes192-ctr, and aes256-ctr ciphers. It should include GCM ciphers (aes256-gcm@openssh.com,aes128-gcm@openssh.com). These ciphers work in FIPS mode and are among the most secure.
CCE-27455-5 configures SSH to use only hmac-sha2-512 and hmac-sha2-256 MACs. EtM MACs should be included (hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com), which work in FIPS mode and are considered more secure.
The removal of SHA-1 MACs is also a concern. It is the least secure of the FIPS MACs, so you could argue that it should be removed for that reason. Removing it breaks compatibility with RHEL 5 though. RHEL 5 is currently the only operating system supported by DISA to run ACAS. This means that there are probably a lot of organizations running RHEL 5 ACAS servers, which will not be able to scan RHEL 7 systems that have implemented this rule.
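An added example, not part of the thread or of the project's own content: a shell check that compares a proposed `Ciphers` (or `MACs`) value against what the local OpenSSH build reports, and lists any CBC entries of the kind Nessus plugin 70658 reports. The function names are hypothetical, and the sample input is constructed from the `ssh -Q cipher` output quoted in the thread.

```shell
#!/bin/sh
# Constructed sample: the `ssh -Q cipher` output quoted in the thread
# (RHEL 7.4, FIPS mode). On a live host use: supported=$(ssh -Q cipher)
FIPS_CIPHERS='3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr'

# unsupported_algos LIST SUPPORTED   (hypothetical helper)
# LIST: comma-separated value as written after Ciphers/MACs in sshd_config.
# SUPPORTED: newline-separated names, as printed by `ssh -Q cipher` or `ssh -Q mac`.
# Prints each name in LIST that is absent from SUPPORTED, one per line.
unsupported_algos() {
    printf '%s\n' "$1" | tr ',' '\n' | while IFS= read -r algo; do
        [ -n "$algo" ] || continue
        # -x: whole-line match, -F: fixed string (names contain '.' and '@')
        printf '%s\n' "$2" | grep -qxF -- "$algo" || printf '%s\n' "$algo"
    done
}

# cbc_algos LIST   (hypothetical helper)
# Prints the CBC-mode names in LIST, the entries the Nessus finding is about.
cbc_algos() {
    printf '%s\n' "$1" | tr ',' '\n' | grep -- '-cbc' || true
}

# The CTR ciphers from the rule plus the GCM ciphers proposed in the issue.
proposed='aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr'

echo "Proposed ciphers this build does not offer:"
unsupported_algos "$proposed" "$FIPS_CIPHERS"
echo "CBC ciphers in the proposed list:"
cbc_algos "$proposed"
```

For the MAC rule, pass the output of `ssh -Q mac` as the second argument instead.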