Secure your SFTP server: Tip 5 - Strengthen SFTP/SSH configurations

This post will focus on the SFTP and SSH protocols, and examine your protocol-specific settings that should be enabled to strengthen SFTP and SSH server configurations. Previous tips in our series on securing your SFTP server have explained various techniques that help protect your server against attackers. These techniques have been largely generic, and apply across all protocols. Secure file servers such as CompleteFTP support many protocols, including FTP, FTPS, HTTP, HTTPS, SCP and SFTP.

The first tip has already been mentioned, but it is worth repeating - disable SSH terminal access unless it is absolutely required. SSH terminal access is dangerous - it gives far greater access to the operating system than SFTP does, often including commands like 'exec' which allow the execution of any binary on the server that is accessible. SFTP also runs over an SSH connection, but it does not give terminal access. If a certain user must have SSH terminal access, disable it for all other users.

Secondly, restrict authentication methods. SFTP (as well as SSH and SCP, which also runs over SSH) supports a number of methods - password authentication, public key authentication, and keyboard-interactive authentication. It is best to disable password and keyboard-interactive authentication if this is possible - it means that users must have the appropriate private key to be able to authenticate. This eliminates the possibility of an attacker trying to guess passwords. It is important to encrypt the private key with a passphrase.

Sometimes, a password must be supplied - for example Windows users in CompleteFTP need a password to log in to Windows. In that situation, you can require public key authentication as well as password authentication - both must succeed for the user to log in. This combines two authentication methods, making them both compulsory.

Thirdly, restrict the server's algorithms to the strongest that are available. SSH supports both RSA and DSA host key algorithms. Disable DSA, and ensure the server's RSA key is 2048 bits. Use the more secure ciphers, such as the 128, 192 or 256 bit AES ciphers. For MAC algorithms, disable MD5 and prefer SHA1 if possible. Even better, use SHA2 algorithms for MACs, if the server and your clients support them (not all SFTP clients do).

Next, ensure the SSH banner message that is sent to clients contains the appropriate legal warnings about unauthorized access. This won't stop intruders, of course, but it is necessary for legal reasons, and your legal department or legal counsel should be consulted.

Finally, you should be able to hide the server's product name and version string that is sent to clients when they connect using an SSH client. For example, by default the current version of CompleteFTP will send "SSH-2.0-CompleteFTP-8.1.4", but when the "Hide server product details" option is selected, the string returned is "SSH-2.0-Unknown". This gives away no information about the server, which helps if it happens to be an older version with known exploits. Of course hiding the product details won't stop a determined attacker, but it means they won't begin with a vulnerability that is likely to succeed.

Posted by John Faulds in