| |
@@ -1,56 +1,47 @@
|
| |
-
|
| |
- include::en-US/entities.adoc[]
|
| |
-
|
| |
[[sect-security]]
|
| |
- == Security
|
| |
-
|
| |
- [[security-crypto]]
|
| |
- === System-wide Crypto Policy
|
| |
-
|
| |
- The security of network communications is a high priority for the Fedora project, with strong TLS providing the first line of defense against traffic inspection. Two systems negotiating a TLS connection must agree on a common cipher to encrypt their communications, and as ciphers become deprecated, it is important to exclude them.
|
| |
-
|
| |
- The ciphers that an administrator might consider adequately secure are determined by vulnerabilities published against specific ciphers. The acceptable cipher suite applies to all communications on the internet, and is not specific to any one system or daemon. To ease administration and increase adminsitrator confidence in the system's security posture, Fedora has been configuring various software to use a system-global configuration so that TLS ciphers need only be updated in one place.
|
| |
+ = Security
|
| |
+ include::en-US/entities.adoc[]
|
| |
|
| |
- With Fedora 26, two more things will use the system-wide crypto policy, `OpenSSH` and `Java`.
|
| |
+ [[sect-security-kerberos-kcm]]
|
| |
+ == Kerberos KCM credential cache by default
|
| |
+ Fedora 27 defaults to a new Kerberos credential cache type called Kerberos Cache Manager (KCM), implemented in the sssd-kcm service, that is better suited for containerized environments and also provides a better user experience in the general case. Key features of KCM include:
|
| |
|
| |
- .OpenSSH Crypto
|
| |
- OpenSSH clients will use system preferred key exchange algorithms, encryption ciphers, and message authentication code (MAC) algorithms. This is enabled by an `Include` directive in `/etc/ssh/ssh_config` to include directives in `/etc/ssh/ssh_config.d/*.conf`, which pulls in `/etc/crypto-policies/back-ends/openssh.config`.
|
| |
+ * Kerberos credential caches are handled by a userspace deamon with a UNIX socket entry point. That means the UIDs and GIDs of the cache owners are subject to UID namespacing, which is beneficial in containerized environments.
|
| |
+ * The UNIX socket can be mounted into containers on demand, thus allowing one or more containers to share a single Kerberos credential cache.
|
| |
+ * The KCM deamon is stateful. While no functionality that benefits from that is implemented in F-27, the deamon will allow automatic refreshes of a user's Kerberos credentials if needed.
|
| |
|
| |
- .Java Crypto
|
| |
- OpenJDK has been modified to read additional security properties from the generated crypto policies file at `/etc/crypto-policies/back-ends/java.config`
|
| |
+ Information about using KCM can be found in `man sssd-kcm` and also in `man sssd-secrets`, because KCM uses sssd-secrets for data storage. Additional information is contained in the https://docs.pagure.org/SSSD.sssd/design_pages/kcm.html[SSSD Design Page for KCM].
|
| |
|
| |
- This change may affect connections to legacy systems that do not support more strict crypto policies. While it is possible to switch the system profile from DEFAULT to LEGACY, or to set `security.useSystemPropertiesFile=false` in a project's `java.security` file (refer to link:++https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html++[]), it would be best to also update legacy applications to modern security standards.
|
| |
+ [[sect-security-krb5-appl]]
|
| |
+ == krb5-appl Packages Removed
|
| |
+ The `krb5-appl-clients` and `krb5-appl-servers` packages are considered to be obsolete and have been removed from Fedora. These packages provided Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Users should to move to more modern security tools, such as openssh.
|
| |
|
| |
- [[sect-security-openssl110]]
|
| |
- === OpenSSL 1.1.0
|
| |
|
| |
- The introduction of OpenSSL 1.1.0 in Fedora 26 brings many big improvements, new cryptographic algorithms, and API changes that allow for keeping the ABI stable in future upgrades. There is also now a compat-openssl10 package in Fedora that provides OpenSSL 1.0.2 for dependent applications that cannot move to 1.1.0 yet.
|
| |
+ [#sect-defauilt-ciopher-in-openvpn-changed-to-256-bit-aes-gcm]
|
| |
+ == Default cipher in OpenVPN changed to 256-bit AES-GCM
|
| |
|
| |
- There is more information about OpenSSL 1.1.0 in the link:++https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes++[ OpenSSL wiki].
|
| |
+ OpenVPN configurations utilizing the newer `openvpn-server@.service` unit file now use a stronger cipher for the VPN tunnel by default. The default is changed from the Blowfish algorithm using 128-bit keys to the newer AES-GCM algorithm with 256-bit keys.
|
| |
|
| |
- [[sect-security-opensc]]
|
| |
- === OpenSC Replaces Coolkey
|
| |
+ To ensure backwards compatibility, this new default also enables clients still using the not recommended Blowfish algorithm to connect by utilizing the `--ncp-ciphers` feature being available in OpenVPN{nbsp}2.4.
|
| |
|
| |
- Fedora 26 is not shipping the Coolkey PKCS#11 module in the NSS database by default. Instead, there will be the OpenSC PKCS#11 module, which supports more different Smart Cards. The Coolkey package will be removed in Fedora 27. If other applications were using Coolkey, they should be able to switch to OpenSC.
|
| |
+ To facilitate an easy migration path away from Blowfish for clients not supporting AES-GCM, these clients can now add or change the `--cipher` option in the client configuration to either `AES-256-CBC` or `AES-128-CBC` without needing to do any other server changes.
|
| |
|
| |
- In case you still need Coolkey in the NSS DB, you can add it manually using [command]`modutil -dbdir /etc/pki/nssdb -add "CoolKey PKCS #11 Module (manual)" -libfile libcoolkeypk11.so -force` (the different name is used to prevent automatic removals when updating coolkey package).
|
| |
|
| |
- Soon (during F26 cycle) there will be fully-featured 0.17.0 update to OpenSC with all the tested features and cards that should serve as a complete replacement of Coolkey.
|
| |
+ [#sect-openshh-server-now-follows-system-wide-crypto-policies]
|
| |
+ == OpenSSH Server now follows system-wide crypto policies
|
| |
|
| |
- [[sect-security-sssd]]
|
| |
- === SSSD fast cache for local users
|
| |
+ Fedora defines system-wide crypto policies, which are followed by cryptographic libraries and tools, including OpenSSH clients. This allows administrators to use different system-wide security levels. With this update, OpenSSH Server adheres to these system-wide crypto policies, too.
|
| |
|
| |
- SSSD has shipped with a very fast memory cache in the last couple of Fedora releases. However, using this cache conflicts with nscd's caching and nscd has been disabled by default. That degrades performance, because every user or group lookup must open the local files.
|
| |
+ This modification is implemented using a script, which places configuration generated according to currently defined crypto policies into the OpenSSH Server's configuration file. The script is executed by systemd when the `sshd` service is started. It is, therefore, necessary to restart the `sshd` service for changes to crypto-policy configuration to take effect.
|
| |
|
| |
- From Fedora 26, a new SSSD "files" provider will resolve users from the local files. That way, the "sss" NSS module can be configured before the files module in nsswitch.conf and the system can leverage sss_nss caching for both local and remote users. As a result, user and group resolution in Fedora will be much faster.
|
| |
|
| |
- [[sect-security-authconfig-cleanup]]
|
| |
- === Authconfig cleanup
|
| |
+ [#sect-ssh-1-support-removed-from-openssh]
|
| |
+ == SSH-1 support removed from OpenSSH
|
| |
|
| |
- Obsolete and unmaintainable code was removed from [command]`authconfig`. Notably:
|
| |
+ The SSH-1 protocol is obsolete and no longer considered secure. As such, it is not supported by the default OpenSSH client binaries packaged for Fedora. This changes removes support for the SHH-1 protocol altogether by removing the *openssh-clients-ssh1* subpackage.
|
| |
|
| |
- * The graphical interface ([package]*system-config-authentication*) and the interactive text mode, which relied on old and unmaintained libraries (GTK+2 and Glade) have been removed from the distribution.
|
| |
|
| |
- * The command line tool, which has been deprecated previously, continues to be part of the distribution for legacy reasons. However, some deprecated and obsolete functionality such as support for `WINS` and `HESIOD` has been removed in this release.
|
| |
+ [#sect-libcurl-switches-to-using-openssl]
|
| |
+ == libcurl switches to using OpenSSL
|
| |
|
| |
- The removal effort is happening because current modern environments support automatic configuration of remote user identities using `Realmd` and `SSSD` and do not require manual configuration through an interactive interface such as [package]*system-config-authentication*. Some of the existing authconfig command line functionality is being preserved due to it still retaining some usefulness in certain environments, and to support the [command]`auth` command in Kickstart. Removing parts of the code base that are no longer maintainable makes it easier to continue providing this functionality.
|
| |
+ The *libcurl* library now uses OpenSSL for TLS and crypto (instead of NSS). TLS certificates and keys stored in the NSS database need to be exported to files for *libcurl* to be able to load them. See link:http://pki.fedoraproject.org/wiki/NSS_Database[http://pki.fedoraproject.org/wiki/NSS_Database] for instructions on how to work with the NSS database.
|
| |