本教程介绍了保护你的Ubuntu或Debian Linux服务器,以应对最近发现的Logjam攻击所需要采取的几个步骤。Logjam是一种针对Diffie-Hellman密钥交换技术发起的攻击,而这项技术应用于诸多流行的加密协议,比如HTTPS、TLS、SMTPS、SSH及其他协议。
必须以根用户的身份在外壳上执行下列步骤。
生成独特的DH组
想确保服务器安全,第一个步骤是利用openssl命令,生成独特的DH组。我将在/etc/ssl/private/目录中创建文件。如果你的服务器上没有这个目录,那么用下列命令创建该文件:
mkdir -p /etc/ssl/private chmod 710 /etc/ssl/private
现在,我要创建dhparams.pem文件,并设置安全权限:
cd /etc/ssl/private openssl dhparam -out dhparams.pem 2048 chmod 600 dhparams.pem
Apache
首先,我要根据来自weakdh.org的建议,添加一个安全密码组。使用编辑工具打开文件/etc/apache2/mods-available/ssl.conf:
nano /etc/apache2/mods-available/ssl.conf
然后更改或添加这几行:
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLHonorCipherOrder on
请注意:SSLCipherSuide只有一行长,所以不要添加换行符!
第二部分是在apache中设置DH组。SSLOpenSSLConfCmd配置选项只出现在apache 2.4.8或更新的版本上,它还需要openssl 1.0.2或更新的版本,于是我们首先要测试我们的apache和openssl版本是否支持它:
apache2 -v
我的Debian 7服务器上的输出结果如下:
root@server1:/etc/apache2# apache2 -v Server version: Apache/2.2.22 (Debian) Server built: Dec 23 2014 22:48:29
现在我要测试openssl:
openssl version
我系统上的输出结果如下:
root@server1:/# openssl version OpenSSL 1.0.1e 11 Feb 2013
因而我可以在该服务器上设置DH组。第一个和第二个部分彼此独立,第一个部分是已经被禁用的可保护服务器的弱密码,它没有DH组也可以工作。如果你的apache版本高于2.4.8,OpenSSL版本高于1.0.2,那么再次编辑/etc/apache2/mods-available/ssl.conf文件:
nano /etc/apache2/mods-available/ssl.conf
添加这一行:
SSLOpenSSLConfCmd DHParameters "/etc/ssl/private/dhparams.pem"
然后重启apache:
service apache2 restart
Nginx
编辑nginx配置文件/etc/nginx/nginx.conf
nano /etc/nginx/nginx.conf
添加或更换httpd { .... }这部分里面的下列设置:
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dhparams.pem;
然后重启nginx:
service nginx restart
Postfix
运行下面这些命令,设置安全密码组和DH组:
postconf -e "smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA"
postconf -e "smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem"
然后重启postfix:
service postfix restart
Dovecot
编辑dovecot配置文件/etc/dovecot/dovecot.conf
nano /etc/dovecot/dovecot.conf
然后紧跟ssl_protocols这一行添加这一行:
ssl_cipher_list=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
至于其他参数,我们需要知道dovecot版本。在外壳上运行这个命令,以获得dovecot版本方面的信息: dovecot --version
如果版本是2.2.6或更高,那么添加这额外的一行:
ssl_prefer_server_ciphers = yes
如果版本是2.2.7或更高,那么添加这第三行:
ssl_dh_parameters_length = 2048
最后重启dovecot
service dovecot restart
Pure-ftpd
保护Debian和Ubuntu上的pure-ftpd的安全来得有点复杂,因为/usr/sbin/pure-ftpd-wrapper脚本并不直接参数-J参数选项,pure-ftpd使用该参数选项来设置SSL密码组。第一步是在封装器脚本中添加对-J选项的支持。打开文件:
nano /usr/sbin/pure-ftpd-wrapper
然后向下滚动,找到这一行:
'TLS' => ['-Y %d', \&parse_number_1],
现在紧跟'TLSCipherSuite' => ['-J %s', \&parse_string]后面添加这新的一行。
然后使用nano命令,创建文件/etc/pure-ftpd/conf/TLSCipherSuite;如果该文件已存在,则编辑它:
nano /etc/pure-ftpd/conf/TLSCipherSuite
然后输入下列密码列表:
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
如果该文件已经存在,并且含有一些密码,那么将密码换成上述密码。然后保存文件,重启pure-ftpd:
service pure-ftpd-mysql restart
链接:
https://weakdh.org/
英文:How to protect your Debian or Ubuntu Server against the Logjam attack