How secure is SFTP?

Mario_Ecomail
User
Posts: 25
Joined: Fri Jun 06, 2014 4:54 am
Location: Spain

How secure is SFTP?

Post by Mario_Ecomail » Tue Nov 27, 2018 10:59 am

Hi all!
Recently one of our customers went through an IT audit and asked us how we secure the connection between them and our SFTP (Cerberus Enterprise 7.0.17 [I know it's EOL]).

They asked the key exchange to be "RSA or Diffie-Hellman, 2048 bit key preferably or 1024 bit at least".

I've checked the main screen in cerberus and it says "Server Certificate RSA (2048 bit)" but "Encryption is 128 bit"

https://imgur.com/a/HqD8o7h

So...
1- How can I prove to them what the connection strength is?
2- How can I show what kind of algorithm is used for the key exchange?
3- If I were to purchase a certificate from a CA, what kind should I look for?

Thank you everyone.

pacman
Senior User
Posts: 187
Joined: Thu Apr 28, 2016 1:54 pm

Re: How secure is SFTP?

Post by pacman » Thu Dec 06, 2018 4:32 pm

Sorry for the delayed reply.

If security is truly a concern, I would recommend upgrading Cerberus.
That alone will make sure that you are protected against any security vulnerabilities in older releases.
How can I prove to them what the connection strength is?
It's posted on the summary page from your screenshot: you support a minimum of 128-bit.
How can I show what kind of algorithm is used for the key exchange?
Your Cerberus log will display that information, and you can also configure the settings under Security > Advanced.

Example:

CONNECT [ 28757] - SSH SFTP connection request accepted from XX.XXX.17.122
INFO [ 28757] - Client Identification: SSH-2.0-phpseclib_0.2 (mcrypt, bcmath)
CONNECT [ 28757] - Algorithm negotiation complete: Proceeding with key exchange
CONNECT [ 28757] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes128-cbc, hmac-sha1-96, none' S2C : 'aes128-cbc, hmac-sha1-96, none'


ssh-rsa is just the host key type.

C2S is client to server (client -> server), its supported ciphers and HMAC; S2C is server to client, it's the info from the server.

Diffie-Hellman is the key exchange protocol. The other 3, in order, are cipher, HMAC, and compression.
If I were to purchase a certificate from a CA, what kind should I look for?
You will just want a single-domain certificate; they are pretty much the same wherever you get them from.
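pacman's reading of the "Kex:" line can be turned into a repeatable check, which is what an auditor usually wants to see rather than a screenshot. The Python below is an added example, not Cerberus code and not from this thread: it parses "Kex:" and "DH Key sizes" lines in the format quoted above (the sample log is constructed from the lines in this thread), splits each direction into cipher / HMAC / compression as pacman describes, reads the symmetric key length off the cipher name, and flags algorithms that current SSH hardening guidance treats as legacy. The weak-algorithm lists are my own assumptions, not Cerberus settings, and the regular expressions assume the two line layouts shown in the thread.

```python
import re
from dataclasses import dataclass

# Constructed sample in the format of the Cerberus log lines quoted in this thread:
# the first session is the one pacman posted, the second is Mario's. Not a real capture.
SAMPLE_LOG = (
    "CONNECT [ 28757] - SSH SFTP connection request accepted from XX.XXX.17.122\n"
    "INFO [ 28757] - Client Identification: SSH-2.0-phpseclib_0.2 (mcrypt, bcmath)\n"
    "CONNECT [ 28757] - Algorithm negotiation complete: Proceeding with key exchange\n"
    "CONNECT [ 28757] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' "
    "C2S : 'aes128-cbc, hmac-sha1-96, none' S2C : 'aes128-cbc, hmac-sha1-96, none'\n"
    "[1083]\t Client Identification: SSH-2.0-libssh2_1.7.0\n"
    "[1083]\t Kex: 'diffie-hellman-group-exchange-sha256' Host Key: 'ssh-rsa' "
    "C2S : 'aes128-ctr, hmac-sha2-256, none' S2C : 'aes128-ctr, hmac-sha2-256, none'\n"
    "[1083]\t DH Key sizes: Server Public '2048', Private '2047', Client Public '2047'\n"
)

# Session id in brackets, then anything non-numeric (" - " or a tab) before "Kex:".
KEX_RE = re.compile(
    r"\[\s*(?P<session>\d+)\]\D*?Kex:\s*'(?P<kex>[^']+)'\s*"
    r"Host Key:\s*'(?P<hostkey>[^']+)'\s*"
    r"C2S\s*:\s*'(?P<c2s>[^']+)'\s*"
    r"S2C\s*:\s*'(?P<s2c>[^']+)'"
)
DH_RE = re.compile(r"\[\s*(?P<session>\d+)\]\D*?DH Key sizes: Server Public '(?P<bits>\d+)'")

# Assumed lists (my choices, not Cerberus defaults): algorithms an auditor would question.
WEAK_KEX = {
    "diffie-hellman-group1-sha1": "1024-bit MODP group with SHA-1",
    "diffie-hellman-group14-sha1": "SHA-1 exchange hash",
}
WEAK_MAC = {
    "hmac-md5": "MD5", "hmac-md5-96": "truncated MD5", "hmac-sha1-96": "truncated SHA-1 tag",
}


@dataclass
class Negotiation:
    session: str
    kex: str
    host_key: str
    c2s: tuple          # (cipher, mac, compression), client -> server
    s2c: tuple          # (cipher, mac, compression), server -> client
    dh_bits: int = None  # modulus size from the "DH Key sizes" line, when logged


def _triple(field: str) -> tuple:
    """'aes128-ctr, hmac-sha2-256, none' -> ('aes128-ctr', 'hmac-sha2-256', 'none')."""
    parts = tuple(p.strip() for p in field.split(","))
    if len(parts) != 3:
        raise ValueError(f"expected 'cipher, mac, compression', got {field!r}")
    return parts


def parse_negotiations(log_text: str) -> list:
    """One Negotiation per session that logged a Kex line, in log order."""
    sessions = {}
    for line in log_text.splitlines():
        m = KEX_RE.search(line)
        if m:
            sessions[m["session"]] = Negotiation(
                m["session"], m["kex"], m["hostkey"], _triple(m["c2s"]), _triple(m["s2c"]))
            continue
        m = DH_RE.search(line)
        if m and m["session"] in sessions:
            sessions[m["session"]].dh_bits = int(m["bits"])
    return list(sessions.values())


def cipher_key_bits(cipher: str):
    """Symmetric key length implied by the SSH cipher name (None if unknown)."""
    m = re.match(r"(?:aes|arcfour|twofish|serpent|camellia)(\d+)", cipher)
    if m:
        return int(m.group(1))
    if cipher.startswith("chacha20"):
        return 256
    if cipher.startswith("3des"):
        return 168  # nominal; about 112 bits effective
    return None


def assess(neg: Negotiation) -> list:
    """Human-readable findings for one negotiated session."""
    findings = []
    if neg.kex in WEAK_KEX:
        findings.append(f"kex {neg.kex}: {WEAK_KEX[neg.kex]}")
    if neg.dh_bits is not None and neg.dh_bits < 2048:
        findings.append(f"DH modulus {neg.dh_bits} bits: below 2048")
    for cipher in sorted({neg.c2s[0], neg.s2c[0]}):
        if cipher.endswith("-cbc") or cipher.startswith(("arcfour", "3des")):
            findings.append(f"cipher {cipher}: legacy mode or algorithm")
    for mac in sorted({neg.c2s[1], neg.s2c[1]}):
        if mac in WEAK_MAC:
            findings.append(f"mac {mac}: {WEAK_MAC[mac]}")
    return findings


def audit(log_text: str) -> dict:
    """session id -> {key_bits, dh_bits, findings}; the numbers an auditor asks for."""
    report = {}
    for neg in parse_negotiations(log_text):
        bits = [b for b in (cipher_key_bits(neg.c2s[0]), cipher_key_bits(neg.s2c[0])) if b]
        report[neg.session] = {"key_bits": min(bits) if bits else None,
                               "dh_bits": neg.dh_bits, "findings": assess(neg)}
    return report


if __name__ == "__main__":
    for sid, row in audit(SAMPLE_LOG).items():
        print(sid, row)
```

Run against a real Cerberus log, the report gives, per connection, the negotiated symmetric key length (Mario's "connection strength"), the DH modulus size when the server logs it, and a list of legacy algorithms; an empty findings list for every session is the evidence worth handing to the auditor.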

Mario_Ecomail
User
Posts: 25
Joined: Fri Jun 06, 2014 4:54 am
Location: Spain

Re: How secure is SFTP?

Post by Mario_Ecomail » Fri Dec 07, 2018 6:54 am

Hi pacman,
Thank you for your response, no worries.
pacman wrote:
Thu Dec 06, 2018 4:32 pm
If security is truly a concern, I would recommend upgrading Cerberus.
That alone will make sure that you are protected against any security vulnerabilities in older releases.
Yeah, I'll let management know and see what happens. :roll:
It's posted on the summary page from your screenshot: you support a minimum of 128-bit.
I've seen that the SSH2 Cipher List can go up to 256-bit, and I just downloaded a trial of the latest version and still it doesn't go higher than 256-bit on SSH. Is it possible to set it higher? Importing a key or something.
Your Cerberus log will display that information, and you can also configure the settings under Security > Advanced.

Example:

CONNECT [ 28757] - SSH SFTP connection request accepted from XX.XXX.17.122
INFO [ 28757] - Client Identification: SSH-2.0-phpseclib_0.2 (mcrypt, bcmath)
CONNECT [ 28757] - Algorithm negotiation complete: Proceeding with key exchange
CONNECT [ 28757] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes128-cbc, hmac-sha1-96, none' S2C : 'aes128-cbc, hmac-sha1-96, none'
I can see that on my log:


[1083]	 Client Identification: SSH-2.0-libssh2_1.7.0
[1083]	 Algorithm negotiation complete: Proceeding with key exchange
[1083]	 Kex: 'diffie-hellman-group-exchange-sha256' Host Key: 'ssh-rsa' C2S : 'aes128-ctr, hmac-sha2-256, none' S2C : 'aes128-ctr, hmac-sha2-256, none'
[1083]	 DH Key sizes: Server Public '2048', Private '2047', Client Public '2047'
So I'm a bit confused here: if SSH2 is 128-bit, as seen in my OP screenshot, how is it that the "DH Key size" seems to be 2048 (more like the RSA certificate)?
ssh-rsa is just the host key type.
C2S is client to server (client -> server), its supported ciphers and HMAC; S2C is server to client, it's the info from the server.
Diffie-Hellman is the key exchange protocol. The other 3, in order, are cipher, HMAC, and compression.
Sorry, I have to say that I don't get this. I'm not sure I understand the different protocols, nor am I sure what our customer "wants to see"; if I show them the "RSA 2048" they are happy. If I show them the "Diffie-Hellman 256", they may not. :|
You will just want a single-domain certificate; they are pretty much the same wherever you get them from.
Understood, I know there are different kinds of them depending on validation, but I wasn't sure about their strength / complexity.

Again thank you for your help.

pacman
Senior User
Posts: 187
Joined: Thu Apr 28, 2016 1:54 pm

Re: How secure is SFTP?

Post by pacman » Fri Dec 07, 2018 4:54 pm

I'm not an expert on cryptology, but from what I understand this is how things work.

When a connection is made by a client, Cerberus responds with the protocol versions it supports. If the client can match one of the acceptable protocol versions, the connection continues. The server also provides its public host key (RSA), which the client can use to check whether this was the intended host.

The status you see on the summary (RSA 2048) is generated from the server's SSL certificate and private key.
It's used to prove the server's identity.

2048 is the standard right now when creating the CSR for your SSL certificate; you could double it to 4096.
https://www.cerberusftp.com/wp-content/ ... elp-08.png

While it is true that a longer key provides better security, the increase in bits of security is pretty small.
Going with a larger key also translates to increased CPU usage and higher power consumption.

After the host key is trusted, both parties negotiate a session key using a version of something called the Diffie-Hellman algorithm. This algorithm (and its variants) makes it possible for each party to combine their own private data with public data from the other system to arrive at an identical secret session key.

The session key will be used to encrypt the entire session. The public and private key pairs used for this part of the procedure are completely separate from the SSH keys used to authenticate a client to the server.

Cerberus FTP allows the administrator to specify the algorithms that should be chosen during the handshake via the advanced security settings in the Server Manager.

Therefore, it is possible to require the Cerberus FTP Server to use either 128-bit or 256-bit encryption as the default. By default, Cerberus FTP Server is configured to require a minimum of 128-bit encryption.

128-bit encryption is one of the most secure encryption methods used in modern encryption algorithms and technologies. Furthermore, 128-bit encryption is considered to be logically unbreakable and it is also the minimum required encryption level for HIPAA compliance.

256-bit encryption, on the other hand, is considerably stronger than 128-bit and delivers an even higher level of protection. Therefore, you should consider using 256-bit encryption if you are looking for the highest available encryption strength to keep your data safe. Furthermore, as technology continues to progress, it is expected that the industry standard will likely shift to 256-bit encryption for secure sockets layer protection.
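The three numbers in this thread (RSA 2048 on the summary page, "DH Key sizes ... 2048" in the log, and the 128- or 256-bit cipher) come from three different places, and pacman's description of the handshake can be shown in code. The Python below is an added example, not Cerberus code and not from this thread: it runs a textbook Diffie-Hellman exchange over the 2048-bit MODP group from RFC 3526 (group 14; Mario's log shows group-exchange-sha256, which negotiates the group size with the client, so a fixed group is an assumption made to keep the example short), checks that the modulus is a safe prime the way a careful client should before trusting a group, and then derives the per-direction cipher keys the way RFC 4253 section 7.2 specifies, with SHA-256. The exchange hash H and session id are constructed placeholders (in a real handshake they are hashes over the whole negotiation transcript), and the RSA host key is not modelled at all because it plays no part in this computation; it only signs H so the client knows who it is talking to.

```python
import hashlib
import secrets

# RFC 3526 group 14: the 2048-bit MODP group (diffie-hellman-group14-sha256 in SSH).
P_HEX = """
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
"""
P = int("".join(P_HEX.split()), 16)
G = 2


def is_probable_prime(n: int, rounds: int = 8) -> bool:
    """Miller-Rabin; used to confirm p and (p-1)/2 are prime before trusting the group."""
    if n < 2:
        return False
    for q in (2, 3, 5, 7, 11, 13):
        if n % q == 0:
            return n == q
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def mpint(n: int) -> bytes:
    """SSH mpint encoding (RFC 4251): 4-byte length, then big-endian two's complement."""
    body = n.to_bytes((n.bit_length() + 8) // 8, "big")  # extra 0x00 if the top bit is set
    return len(body).to_bytes(4, "big") + body


def dh_exchange(p: int = P, g: int = G) -> dict:
    """Each side keeps a private exponent and publishes g^x mod p; both reach the same K."""
    x_server = secrets.randbelow(p - 2) + 1
    x_client = secrets.randbelow(p - 2) + 1
    e_server = pow(g, x_server, p)   # what Cerberus logs as "Server Public"
    e_client = pow(g, x_client, p)   # "Client Public"
    k_server = pow(e_client, x_server, p)
    k_client = pow(e_server, x_client, p)
    assert k_server == k_client      # the identical secret pacman describes
    return {"modulus_bits": p.bit_length(), "server_public_bits": e_server.bit_length(),
            "client_public_bits": e_client.bit_length(), "shared_secret": k_server}


def derive_key(K: int, H: bytes, letter: bytes, session_id: bytes,
               need_bytes: int, hash_name: str = "sha256") -> bytes:
    """RFC 4253 7.2: key = HASH(K || H || letter || session_id), extended with
    HASH(K || H || key_so_far) until long enough, then truncated to the cipher's size."""
    def h(data: bytes) -> bytes:
        return hashlib.new(hash_name, data).digest()
    key = h(mpint(K) + H + letter + session_id)
    while len(key) < need_bytes:
        key += h(mpint(K) + H + key)
    return key[:need_bytes]


def session_key_summary(cipher_key_bits: int = 128) -> dict:
    """2048-bit DH values go in; a 128- or 256-bit cipher key comes out of the hash."""
    ex = dh_exchange()
    # Constructed placeholder for the exchange hash H; the session id equals H for the
    # first key exchange of a connection.
    H = hashlib.sha256(b"constructed exchange hash placeholder").digest()
    c2s_key = derive_key(ex["shared_secret"], H, b"C", H, cipher_key_bits // 8)  # 'C': c2s cipher key
    s2c_key = derive_key(ex["shared_secret"], H, b"D", H, cipher_key_bits // 8)  # 'D': s2c cipher key
    return {"dh_modulus_bits": ex["modulus_bits"],
            "shared_secret_bits": ex["shared_secret"].bit_length(),
            "cipher_key_bits": len(c2s_key) * 8,
            "keys_differ_per_direction": c2s_key != s2c_key}


if __name__ == "__main__":
    print("safe prime:", is_probable_prime(P) and is_probable_prime((P - 1) // 2))
    print("aes128:", session_key_summary(128))
    print("aes256:", session_key_summary(256))
```

The output makes the point of the thread concrete: the modulus and both public values are about 2048 bits (which is what Mario's "DH Key sizes" line reports), the shared secret is the same size, and the cipher key is whatever length the negotiated cipher needs, because it is a hash output truncated to 16 or 32 bytes. Choosing aes256 over aes128 changes only that last number; it does not and cannot make the DH or RSA values larger, which is why the SSH2 cipher list tops out at 256.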

Mario_Ecomail
User
Posts: 25
Joined: Fri Jun 06, 2014 4:54 am
Location: Spain

Re: How secure is SFTP?

Post by Mario_Ecomail » Mon Dec 17, 2018 11:26 am

Hi pacman,
Thank you so much for your help.
I have a better understanding now of how it works, in case our customer asks again.

Just one last question if I may. If I eventually purchase a certificate to secure the web portal (it doesn't look good for customers when Google displays the red warning on https), can I use that same certificate to sign the SFTP transfers? Or are they two different worlds?

Cheers.
