Update tls & ssh config

- move tls & ssh config to a common file
- TLS: restrict cipher suites to a smaller set ( removed CBC )
- TLS: changed priority of tls curves
- SSH: restrict KeyExchange algos to a smaller set ( removed SHA1
variants )

Signed-off-by: Bohan Chen <bochen@pivotal.io>
Co-authored-by: Sameer Vohra <svohra@pivotal.io>

atc/atccmd/command.go

@@ -979,20 +979,8 @@ func (cmd *RunCommand) tlsConfig() (*tls.Config, error) {
 			return nil, err
 		}
 
-		tlsConfig = &tls.Config{
-			Certificates:     []tls.Certificate{cert},
-			MinVersion:       tls.VersionTLS12,
-			CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
-			CipherSuites: []uint16{
-				tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-				tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-				tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-			},
-			PreferServerCipherSuites: true,
-			NextProtos:               []string{"h2"},
-		}
+		tlsConfig = atc.DefaultTLSConfig()
+		tlsConfig.Certificates = []tls.Certificate{cert}
 	}
 	return tlsConfig, nil
 }

atc/config.go

@@ -1,10 +1,13 @@
 package atc
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"strings"
+
+	"golang.org/x/crypto/ssh"
 )
 
 const ConfigVersionHeader = "X-Concourse-Config-Version"
@@ -496,3 +499,48 @@ func (config Config) JobIsPublic(jobName string) (bool, error) {
 
 	return job.Public, nil
 }
+
+func DefaultTLSConfig() *tls.Config {
+	return &tls.Config{
+		MinVersion: tls.VersionTLS12,
+
+		// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
+		CurvePreferences: []tls.CurveID{
+			tls.CurveP256,
+			tls.CurveP384,
+			tls.CurveP521,
+		},
+
+		// Security team recommends a very restricted set of cipher suites
+		CipherSuites: []uint16{
+			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		},
+
+		PreferServerCipherSuites: true,
+		NextProtos:               []string{"h2"},
+	}
+}
+
+func DefaultSSHConfig() ssh.Config {
+	return ssh.Config{
+		// use the defaults prefered by go, see https://github.com/golang/crypto/blob/master/ssh/common.go
+		Ciphers: nil,
+
+		// CIS recommends a certain set of MAC algorithms to be used in SSH connections. This restricts the set from a more permissive set used by default by Go.
+		// See https://infosec.mozilla.org/guidelines/openssh.html and https://www.cisecurity.org/cis-benchmarks/
+		MACs: []string{
+			"hmac-sha2-256-etm@openssh.com",
+			"hmac-sha2-256",
+		},
+
+		//[KEX Recommendations for SSH IETF](https://tools.ietf.org/html/draft-ietf-curdle-ssh-kex-sha2-10#section-4)
+		//[Mozilla Openssh Reference](https://infosec.mozilla.org/guidelines/openssh.html)
+		KeyExchanges: []string{
+			"ecdh-sha2-nistp256",
+			"ecdh-sha2-nistp384",
+			"ecdh-sha2-nistp521",
+			"curve25519-sha256@libssh.org",
+		},
+	}
+}

tsa/client.go

@@ -342,9 +342,7 @@ func (client *Client) dial(ctx context.Context, idleTimeout time.Duration) (*ssh
 	}
 
 	clientConfig := &ssh.ClientConfig{
-		Config: ssh.Config{
-			MACs: AllowedMACs,
-		},
+		Config: atc.DefaultSSHConfig(),
 
 		User: "beacon", // doesn't matter
 

tsa/constants.go

@@ -1,8 +0,0 @@
-package tsa
-
-// CIS recommends a certain set of MAC algorithms to be used in SSH connections. This restricts the set from a more permissive set used by default by Go.
-// See https://infosec.mozilla.org/guidelines/openssh.html and https://www.cisecurity.org/cis-benchmarks/
-var AllowedMACs = []string{
-	"hmac-sha2-256-etm@openssh.com",
-	"hmac-sha2-256",
-}

tsa/tsacmd/command.go

@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"code.cloudfoundry.org/lager"
+	"github.com/concourse/concourse/atc"
 	"github.com/concourse/concourse/tsa"
 	"github.com/concourse/flag"
 	"github.com/tedsuo/ifrit"
@@ -168,9 +169,7 @@ func (cmd *TSACommand) configureSSHServer(sessionAuthTeam *sessionTeam, authoriz
 	}
 
 	config := &ssh.ServerConfig{
-		Config: ssh.Config{
-			MACs: tsa.AllowedMACs,
-		},
+		Config: atc.DefaultSSHConfig(),
 		PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
 			return certChecker.Authenticate(conn, key)
 		},