ONTAP Hardware

Security Vulnerblilties on old FAS 6080

debstef
7,272 Views

Hope someone can assist... I never had to worry about these things but suddenly our security team had a dream. None the less...

 

We have two (very) old FAS 6080 both running 8.2.5 7-mode. I managed to get the one to show no vulnerabilities to the Sec team but the other still presents two issues:

SSL Medium Strength Cipher Suites Supported (SWEET32)

SSL RC4 Cipher Suites Supported (Bar Mitzvah)

The options list for both arrays are the same however the one still have "issues"

I have disabled anything SSL that I can see also. Happy to manage it via SSH. And yes, we have been trying to get the business to migrate their data for years...

 

How can I get rid of these?

1 ACCEPTED SOLUTION

andris
7,212 Views

Maybe you need to remove that Diffie-Hellman (DH) key...

 

There is a KB article on this option, but it hasn't been migrated to the new KB system, yet.

 

This is some relevant parts:

When high_security.enable is set to ON:

  • SSH: Will stop advertising weaker ciphers, KEX and MAC algorithms – These MACs will not be advertised: all hmac-md5 series, hmac-ripemd series, umac series and kex: diffie-hellman-group1-sha1, curve25519
  • SSL: ssl.v2.enable and ssl.v3.enable will be disabled 
  • TLS: TLS.v1.1 and TLSv1.2 will be enabled and internally negotiate TLSv1.1, TLSv1.2 only
  • Secure LDAP: should negotiate according to value of TLS setting (tls.v1_1.enable/tls.v1_2.enable)

How to enable:

In order to enable the high_security option, all the Vfilers must have the required ECDSA and ED25519 keys generated using Secure admin setup. If any Vfilers do not have the required SSH keys, then high security options cannot be enabled.

Consider the following when stronger SSH keys are required:

  • When prompted for the key size, input the number, don’t accept the default in brackets, even if the default is showing the desired key size
    • For ssh1 protocol, key size must be between 1024 and 16384 bits
    • For ssh2 protocol, RSA key size must be between 1024 and 16384 bits
  • DSA valid key size is 1024 bits
  • ECDSA valid key sizes are 256, 384, and 521 bits
  • ED25519 key size must be between 256 and 16384 bits

1. enable> options high_security.enable on

2. Follow the prompts

Review Documentation: Setting up and Starting SSH service

View solution in original post

8 REPLIES 8

Ontapforrum
7,256 Views

Hi,


Some pointers, not sure if you had access to this.


SWEET32:
https://security.netapp.com/advisory/ntap-20160915-0001/

 

First Fixed in Release:
https://mysupport.netapp.com/NOW/download/software/ontap/8.2.5P2/

 

Workaround:
Data ONTAP operating in 7-Mode: Beginning with version 8.2.5 the "high_security.enable" option will enable only the TLS v1.1 and v1.2 protocols which do not support the 3DES-CBC cipher. If you cannot patch Ontap to P2 at this time, then follow this workaround.

 

By-default it is 'off', so turn it on:
filer> options high_security.enable on

------------------------------------------------

 

RC4:
https://security.netapp.com/advisory/ntap-20150122-0001/

 

First Fixed in Release:
https://mysupport.netapp.com/NOW/download/software/ontap/8.2.3/

 

Workaround:
Data ONTAP operating in 7-Mode beginning with version 8.2.3: the command 'options rc4.enable off' will disable RC4 cipher support in the TLS and SSL protocols over HTTPS.  You are already on fixed version, you just need to turn it off.

 

By-default it is 'on', turn it off:
filer>options rc4.enable off


Thanks!

debstef
7,243 Views

Thanks for your feedback!

 

I managed to get get high_security enabled on one node, the other complains:

 

FAS6080> options high_security.enable on
For enabling high-security option, it is required to have latest secure keys for SSL and SSH.
System has detected the presence of supported SSL key which can support high_security protocols.
Would you still like to re-generate the SSL keys [no]: n
Some vfilers do not have Required SSH Keys.
Generate Required ECDSA and ED25519 keys using Secure admin setup on below vfilers to enable High Security.
Vfiler list : vfiler0,.
Could not enable high_security option. Please check available secure keys using "keymgr list key" command.
FAS6080> keymgr list key
Existing key file(s):
Name Type Bits Size Last Modified
secureadmin.pem ECDSA NA 367 Jun 11 15:17:14 SAST 2020
secureadmin_bak.pem ECDSA NA 367 Jun 11 15:13:09 SAST 2020
dh_secureadmin.pem DH 1024 578 Jun 9 09:13:51 SAST 2020

 

rc4.enable switched to off on both

Ontapforrum
7,229 Views

No worries.  Interesting one Node is able to enable  it, I believe it's a HA Pair, so could you compare the keymgr on both nodes ?  bits & size, what could be different here ?  Never dealt wit this security option in 7-mode.

andris
7,213 Views

Maybe you need to remove that Diffie-Hellman (DH) key...

 

There is a KB article on this option, but it hasn't been migrated to the new KB system, yet.

 

This is some relevant parts:

When high_security.enable is set to ON:

  • SSH: Will stop advertising weaker ciphers, KEX and MAC algorithms – These MACs will not be advertised: all hmac-md5 series, hmac-ripemd series, umac series and kex: diffie-hellman-group1-sha1, curve25519
  • SSL: ssl.v2.enable and ssl.v3.enable will be disabled 
  • TLS: TLS.v1.1 and TLSv1.2 will be enabled and internally negotiate TLSv1.1, TLSv1.2 only
  • Secure LDAP: should negotiate according to value of TLS setting (tls.v1_1.enable/tls.v1_2.enable)

How to enable:

In order to enable the high_security option, all the Vfilers must have the required ECDSA and ED25519 keys generated using Secure admin setup. If any Vfilers do not have the required SSH keys, then high security options cannot be enabled.

Consider the following when stronger SSH keys are required:

  • When prompted for the key size, input the number, don’t accept the default in brackets, even if the default is showing the desired key size
    • For ssh1 protocol, key size must be between 1024 and 16384 bits
    • For ssh2 protocol, RSA key size must be between 1024 and 16384 bits
  • DSA valid key size is 1024 bits
  • ECDSA valid key sizes are 256, 384, and 521 bits
  • ED25519 key size must be between 256 and 16384 bits

1. enable> options high_security.enable on

2. Follow the prompts

Review Documentation: Setting up and Starting SSH service

debstef
7,161 Views

I have compared keys on both controllres and they look the same or similar at least.

 

They are 7-Mode HA pair yes

 

I suspect it doesn't get the relevant key on vfiler0, how do I check that though? When I try work on vfiler0 I get the following:

FAS6080> vfiler context vfiler0
Use of vfilers requires multistore licensed_feature option enabled.

You mention deleting the DH key, again, how do I do that? I see no option under secureadmin to do that.

 

For the other HA pair, neither controller wants to enable high security, both says it cannot be enabled. 😐

 

Thanks for your assistance so far though!

 

Ontapforrum
7,157 Views

Have you tried generating those keys as Andris suggested in the previous post ? 

 

Just on the vfiler: vfiler0 actually is your main filer. The error you see just means, you don't have any vfilers running on your filer.  You are already on vfiler0 (which is your main filer). If you do 'vfiler status' it should show vfiler0 running if none others are configured, if there are other vfilers, then it will also show up.

debstef
7,152 Views

Hmmm a classic example of monkey behind the keyboard... 😐

 

I never read Andris' post properly and focused on SSL. Followed the steps to setup SSH again and magic!!

 

options high_security.enable on set successfully on all 4 controllers

 

Thanks for everyone's assistance here!!

 

Stefan

Ontapforrum
7,148 Views

Glad to know that, you're welcome! Thanks Andris.

Public