Remove unsecure SHA1 ciphers

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
Remy64
500 Command not understood
Posts: 3
Joined: 2021-03-15 23:00
First name: Remy
Last name: Masked

Remove unsecure SHA1 ciphers

#1 Post by Remy64 » 2021-03-15 23:08

Hello,

On last Filezilla server software (0.9.60.2 beta) there are unsecure ciphers accepted :

DHE-RSA-AES128-SHA,DHE-RSA-AES256-SHA,DHE-RSA-CAMELLIA128-SHA,DHE-RSA-CAMELLIA256-SHA,ECDHE-RSA-AES128-SHA,ECDHE-RSA-AES256-SHA,AES128-SHA,AES256-SHA,CAMELLIA128-SHA,CAMELLIA256-SHA

There are unsecure because the MAC algorithm is SHA1 which is not secure anymore.

Could you please tell me how I can remove these ciphers ?

Thanks,

Best Regards

User avatar
botg
Site Admin
Posts: 35492
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: Remove unsecure SHA1 ciphers

#2 Post by botg » 2021-03-16 08:23

There is currently no way to do this.

Remy64
500 Command not understood
Posts: 3
Joined: 2021-03-15 23:00
First name: Remy
Last name: Masked

Re: Remove unsecure SHA1 ciphers

#3 Post by Remy64 » 2021-03-16 20:51

Thanks for your quick answer.

Maybe I ask too much but is it possible to make a new version like 0.9.60.3 beta with exclusion of this kinds of ciphers by add !SHA to the line 1092 of the file AsyncSslSocketLayer.cpp ?

Like :

pSSL_set_cipher_list(m_ssl, "DEFAULT:!eNULL:!aNULL:!DES:!3DES:!WEAK:!EXP:!LOW:!MD5:!RC4:!SEED:!IDEA:!PSK:!SRP:!SHA");

Instead of :

pSSL_set_cipher_list(m_ssl, "DEFAULT:!eNULL:!aNULL:!DES:!3DES:!WEAK:!EXP:!LOW:!MD5:!RC4:!SEED:!IDEA:!PSK:!SRP");

It's kindly request, you already developped application and I'm happy to use it for free.

If it's possible I'm will be more happy :D

Have a good day

Best Regards

User avatar
boco
Contributor
Posts: 26899
Joined: 2006-05-01 03:28
Location: Germany

Re: Remove unsecure SHA1 ciphers

#4 Post by boco » 2021-04-07 15:39

It is not possible to compile a new version of the old server code anymore. To my knowledge, it doesn't compile correctly anymore on a new compiler/linker.

However, there is a completely new server in the works.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

Remy64
500 Command not understood
Posts: 3
Joined: 2021-03-15 23:00
First name: Remy
Last name: Masked

Re: Remove unsecure SHA1 ciphers

#5 Post by Remy64 » 2021-07-19 08:58

Hello,

I see that you post RC3 of new filezillaServer.

I installed it and pass security test on it, the result is there is still unsafe ciphers autorized SHA1 and CBC on TLS 1.2 and unsafe protocols activated TLSv1.0.

Complete list :

| TLSv1.0:
| ciphers:
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - Unsafe
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - Unsafe
| compressors:
| NULL
| cipher preference: client
| TLSv1.2:
| ciphers:
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - Unsafe
| TLS_ECDHE_ECDSA_WITH_AES_128_CCM (secp256r1) - Safe
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - Safe
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - Unsafe
| TLS_ECDHE_ECDSA_WITH_AES_256_CCM (secp256r1) - Safe
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - Safe
| TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - Safe

More details in https://ciphersuite.info website.

Is it possible to remove unsafe protocols/ciphers ?

I didn't found new source code and new compilation procedure so I can't help you more on this point (but If you need please tell me)

Have a good day

User avatar
oibaf
Contributor
Posts: 396
Joined: 2021-07-16 21:02
First name: Fabio
Last name: Alemagna

Re: Remove unsecure SHA1 ciphers

#6 Post by oibaf » 2021-07-19 18:20

Hi Remy64, it's one of the developers speaking here.

Next FileZilla Server release will impose a lower limit to the TLS version, setting it to v1.2. The Admin UI will let that limit be increased to v1.3, if the admin so desires. This should solve most of the issue you raised, leaving only two of the v1.2 ciphers you tagged as "unsafe" in the way.

After an internal discussion, it was decided that the v1.2 lower limit shall be enough for the time being.

Post Reply