Reflection for Secure IT UNIX Client and Server 6.1 Service Pack 4 (SP4): Fixes and Features
Technical Note 2181
Last Reviewed 11-Apr-2008
Applies To
Reflection for Secure IT UNIX Client version 6.1
Reflection for Secure IT UNIX Server version 6.1
Summary
Reflection for Secure IT UNIX Client and Server 6.1 Service Pack 4 (SP4) is available for maintained customers. This technical note provides information about how to obtain your service pack, a list of features included in SP4, as well as a list of features and fixes originally included in SP2 and SP3. (There was no SP1 for Reflection for Secure IT UNIX Client and Server 6.1.)
Before you apply the service pack, note the following:
- This document references a Reflection service pack. Service packs are available to licensed Attachmate customers with current maintenance plans for these products.
- The service pack for UNIX client and server version 6.1 SP4 is a full product installation and does not require 6.1 to be installed.
- For information about logins and accessing the Download Library, see Technical Note 0200.
Obtaining Your Service Pack
Maintained customers are eligible to download the latest product releases from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/. For more information about logging into and using the Download Library, see Technical Note 0200.
Note: If you download a Sun Solaris, HP-UX, or IBM AIX package using Internet Explorer, the uppercase (.Z) extension is changed to lowercase (.z). You will need to rename the file to use an uppercase Z before you can uncompress your files.
Installing Your Service Pack
Once you have downloaded your service pack, back up the /etc/ssh2 directory (which includes config files and host keys), uninstall your current version, and then install the service pack.
New Features and Fixes in Reflection for Secure IT 6.1 SP4
The following new feature is available in the Reflection for Secure IT version 6.1 SP4 Server and Client:
- In order to increase the security of public key authentication, the client and server now enforce strict checking of file permission and ownership modes by default. The user's .ssh2 folder is checked to ensure that it is owned by the user, and no write privileges are set for anyone else. The authorization file, private key and host public key files are checked to ensure they are owned by the user, and no read or write privileges are set for anyone else. Public key authentication fails if these file mode requirements are not met. This behavior can be disabled by adding the line "StrictModes no" to sshd2_config for the server and ssh2_config for the client.
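The following is an added illustration, not code from the product, of the ownership and mode rules the new StrictModes default enforces: the .ssh2 directory must be owned by the user with no group/other write bits, and the authorization, private key and host public key files must be owned by the user with no group/other read or write bits. The key file names passed in and the fixture built by demo() are constructed for the example.

```python
import os
import stat
import tempfile

# Bits StrictModes forbids: group/other write on the directory,
# group/other read or write on the authorization and key files.
DIR_FORBIDDEN = stat.S_IWGRP | stat.S_IWOTH
FILE_FORBIDDEN = stat.S_IRGRP | stat.S_IWGRP | stat.S_IROTH | stat.S_IWOTH


def mode_problems(path, uid, forbidden):
    """Return a list of violations for path: wrong owner or forbidden mode bits set."""
    st = os.stat(path)
    problems = []
    if st.st_uid != uid:
        problems.append(f"{path}: owned by uid {st.st_uid}, expected {uid}")
    if st.st_mode & forbidden:
        problems.append(f"{path}: mode {oct(st.st_mode & 0o777)} grants group/other access")
    return problems


def check_strict_modes(ssh2_dir, key_files, uid=None):
    """Apply the StrictModes rules to ssh2_dir, the named files in it and
    everything under hostkeys/; an empty list means public key auth would pass."""
    uid = os.getuid() if uid is None else uid
    problems = mode_problems(ssh2_dir, uid, DIR_FORBIDDEN)
    for name in key_files:
        problems += mode_problems(os.path.join(ssh2_dir, name), uid, FILE_FORBIDDEN)
    hostkeys = os.path.join(ssh2_dir, "hostkeys")
    if os.path.isdir(hostkeys):
        for name in sorted(os.listdir(hostkeys)):
            problems += mode_problems(os.path.join(hostkeys, name), uid, FILE_FORBIDDEN)
    return problems


def demo():
    """Constructed fixture: a throwaway .ssh2 tree with a compliant authorization
    file and a private key left group/world readable, the usual StrictModes failure."""
    ssh2 = os.path.join(tempfile.mkdtemp(), ".ssh2")
    os.mkdir(ssh2, 0o700)
    for name, mode in (("authorization", 0o600), ("id_example_key", 0o644)):  # constructed names
        path = os.path.join(ssh2, name)
        open(path, "w").close()
        os.chmod(path, mode)
    return check_strict_modes(ssh2, ["authorization", "id_example_key"])


if __name__ == "__main__":
    for line in demo() or ["all StrictModes checks passed"]:
        print(line)
```

Run it against a real account with `check_strict_modes(os.path.expanduser("~/.ssh2"), [...])` and the list it returns is what to fix before turning StrictModes back on.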
New features in the Reflection for Secure IT version 6.1 SP4 Server:
- Support for defining multiple OCSP responders using a comma-delimited list with the server configuration keyword OcspResponder.
- Support for configuring the RevocationCA keyword independently in each PKI stanza. This enables you to specify the same or different revocation CA certificates for multiple trusted anchor points. Each PKI stanza can have one or more RevocationCA keywords. The certificates specified using RevocationCA in any given stanza apply only to that stanza and do not carry over to any other stanza. Note: If you specify an OCSP responder that uses a self-signed certificate or certificates, you must now include the RevocationCA keyword in each PKI stanza that uses that OCSP responder.
- Support for controlling whether or not server process titles are displayed in Linux using the server configuration keyword ProcessTitles. The default is yes.
- Due to possible exploits, the ssh-signer2 utility (located in /usr/bin on most UNIX systems and /usr/libexec on most Linux systems) is now installed with the setuid bit unset. This will affect environments where host-based authentication is enabled. To continue to use host-based authentication, the system administrator now needs to enable the setuid bit on the utility by entering the following command:
New features in the Reflection for Secure IT version 6.1 SP4 Client:
- Support for host certificate validation using the RevocationChecks configuration keyword. The default is "crl-after-ocsp".
- Support for sftp servers that require absolute paths (IPSwitch WS_FTP).
Server Fixes in SP4
- In an HP environment, Reflection now writes the username to the utmps structure on logout, and logname properly returns the username after running certain HP utilities.
- When a pid is reused by AIX for a new connection, scp connections now succeed.
- On Solaris, a remote file's time stamp is now updated when an sftp transfer is executed and the file is identical: "remote file is identical; transfer skipped."
Client Fixes in SP4
- When output is redirected from the terminal (batchmode), sftp2 now correctly displays the progress bar.
- ssh-keygen2 no longer outputs a message about a broken pipe.
- ssh2, scp2 and sftp2 now reset all terminal modes when exiting normally or abnormally.
New Features and Fixes in Reflection for Secure IT 6.1 SP3
The following new features are available in version 6.1 SP3:
- The server now provides more informative messages to clients when AuthFailureErrorMessages=yes and the server closes a connection due to an account restriction.
- Improved performance on non-FIPS platforms.
- Support for using an additional configuration file for scp2 connections. Use "-F config_filename" on the scp2 command line.
- Support for converting protected private keys to SSH.com format (used by F-Secure prior to 3.3.3). The ssh-keygen2 utility now uses the md5 hash when you use the -H switch to export keys to the SSH.COM format.
- Support for generating keys in the SSH.com format (used by F-Secure prior to 3.3.3). Support for this is provided with a new ssh-keygen2 command line option (--format), and a new client configuration keyword (KeygenOutputFormat). Both accept two values: "legacy" or "default".
- Support for RSA signatures with a hash scheme other than SHA1. Set the new keyword Compat.RSA.HashScheme=yes to allow the server to accept a signature with another hash scheme.
- Key exchange algorithms are now configurable. Both client and server configurations support the new "KEXs" keyword, which accepts a comma-separated list of key exchange algorithms. Supported algorithms are "diffie-hellman-group1-sha1" and "diffie-hellman-group14-sha1". The default is "diffie-hellman-group1-sha1, diffie-hellman-group14-sha1".
- Failed login attempts for non-existing users are now logged to /var/adm/loginlog for password and PAM authentication methods.
- The server now disconnects immediately when PAM authentication fails and AuthImmediateDisconnect=yes.
- Failed login attempts are now recorded for all authentication methods.
- Support for logging user login information to wtmps, utmps, and btmps on HP-UX 11iv2 (11.23) PARISC and Itanium.
- Support for recording failed login attempts on platforms where BTMP_FILE isn’t defined.
- Support for sftp logging with chroot users.
- You can now delete keys from the key agent using the list index.
- The RadiusServer keyword setting can now include a port number. For example: "RadiusServer=radius.example.com:1812".
- The IgnoreRlogin keyword is now supported in user-specific configuration files.
Note: Client Incompatibility: Certificate Authentication Fails
The Reflection for Secure IT 6.1 SP2 (or higher) servers now assume SHA1 hashed signatures for certificates containing RSA keys. The Reflection for Secure IT Windows Client 6.1 SP2 (or higher), Reflection for UNIX and OpenVMS 14.0 SP2 (or higher), and Reflection for Secure IT UNIX Client 6.1 SP2 (or higher) behavior has also been modified to use SHA1 hashes with RSA keys.
Earlier versions will experience a certificate authentication failure unless the server defaults are changed. To enable servers to accept MD5 hashed signatures from older clients, add the following line into the server's sshd2_config file:
Compat.RSA.HashScheme yes
Note: This fix applies to Reflection for Secure IT 6.1 SP3 or higher.
Server Fixes in SP3
The following server issues were fixed in Service Pack 3:
- Failed login entries are now written to the btmp database when using public key or PAM authentication.
- Zero byte destination files will not be created if the source file does not exist or is not readable.
- The maximum client and server read buffer size is now 131058 bytes (128 KB minus 14); the default is 32768.
- The sshd2_subconfig(5) man page has been updated with applicable keywords.
Client Fixes in SP3
The following client issues were fixed in Service Pack 3:
- The host key no longer needs to exist in ~/.ssh2/hostkeys prior to issuing a remote command.
- The return value is now 0 (zero) when a local to local file transfer is successful using scp2.
- The return value is now 1 (one) for unsuccessful ssh connections when the server keyword SessionRestricted value is set to shell, subsystem and a remote command is sent to the server.
- Redirecting STDERR over an ssh connection no longer spikes the CPU.
- The ssh-keygen2(1) man page now includes the -H, -S, and -o switches.
Supported Platforms in Version 6.1 SP3
For information about platform support in Reflection for Secure IT, see Technical Note 1944.
New Features and Fixes in Reflection for Secure IT 6.1 SP2
The following new features are available in version 6.1 SP2:
- Support for certificate authentication using the Universal Principal Name field (UPN) in the Subject Alternative Name (SAN) certificate extension. To configure this, you need to create a user map file. Two new keywords are supported for this purpose: UPN and UPNregex. For additional information, refer to the ssh-certificates man page. Here are two examples:
To map all users, add this line to the map file:
%subst% UPNregex ([a-z]+)@<domain>.com
To map individuals, use this syntax:
<user> UPN <user>@<domain>.com
- The ability to read both certificates and CRLs from a specified file or files. To read either a certificate or a CRL file, use the LocalPKI keyword (which replaces CRLFile) in the server configuration file. For additional information refer to the ssh-certificates man page.
- A new keyword - RevocationChecks - has been added for configuring certificate revocation checking. RevocationChecks can be used to configure both CRL and OCSP checking. Valid values are crl-after-ocsp (default), ocsp-only, crl-only, and none. Use this keyword in place of PKIDisableCRLs and OcspMode, which are now deprecated.
- The ssh-certview utility can now view CRLs and display the certificate UPN.
- The default key type and strength is now RSA 2048-bit. New host identity keys created when you first install the server use the new default. No changes are made to your existing host keys if you upgrade an existing installation.
- Support for resuming a file transferred using scp2.
- X11 libraries are no longer required on AIX, Solaris and Linux. X11 libraries are linked by default at runtime on these platforms.
- The ssh-keygen2 utility can now extract a public key from a certificate. Use the -X option as shown here:
ssh-keygen2 -X <certificate_file>
- Support for specifying an Online Certificate Status Protocol (OCSP) responder. OCSP can be used as an alternative to CRL checking to confirm whether a certificate is valid. Using OCSP removes the need to retrieve and sort through large CRLs. To configure this, use the OcspResponder keyword in the server configuration file (sshd2_config). For additional information refer to the ssh-certificates man page.
- Support for configuring an OCSP responder that has a self-signed certificate. To configure this, use the RevocationCA keyword in the server configuration file (sshd2_config). For additional information refer to the ssh-certificates man page.
- Support for PAM Account Management with public key authentication. To configure this use the UsePAMAcctMgmt keyword. For additional information refer to the sshd2_config man page.
- Support for relaying signal requests. To configure this, use the RelaySignals keywords in client (ssh2_config) configuration file. RelaySignals accepts a comma-separated list of any of the following signals: ABRT, ALRM, FPE, HUP, ILL, INT, PIPE, QUIT, SEGV, TERM, USR1, USR2. SIGKILL and SIGSTOP cannot be caught, blocked, or ignored, so these signals are not supported. No signals are relayed by default.
- Support for immediately disconnecting an invalid user, or any user found in the User or Group Deny list. To configure this, use the AuthImmediateDisconnect keyword in the server configuration file (sshd2_config). For additional information refer to the sshd2_config man page. Immediate disconnection is disabled by default. Warning: This increases your security risk by providing clients with information about valid account names.
- Support for specifying whether the SSH server returns pertinent error messages in the disconnect message description field during user authentication failures. To configure this, use the AuthFailureErrorMessages keyword in the server configuration file (sshd2_config). For additional information refer to the sshd2_config man page. Displaying error messages during authentication failures is disabled by default. Warning: This increases your security risk by providing this information to potential attackers.
- A new keyword - PidFile - has been added for specifying the file to which the server process id will be written. Use %s (which is required) to specify the server's port number. The default value is /var/run/sshd2_%s.pid.
Server Fixes in SP2
The following server issues were fixed in Service Pack 2.
- When upgrading, the PAM config file is replaced only if it has not been modified since the initial installation.
- A forced password change with PAM authentication no longer results in continuous prompts to change the password.
- The severity of SSHD2 start-up log messages is changed from WARNING to INFO.
- When the server is running in debug mode, debug messages are no longer displayed on the client terminal.
- The server flushes all stderr data before closing a channel on the primary stream.
- SFTP now works with chroot users on AIX.
Client Fixes in SP2
The following client fixes were made in Service Pack 2:
- Redirecting STDERR over an ssh connection no longer results in a CPU race condition.
- The chmod command now works with the SFTP client on HP-UX.
- On the Reflection for Secure IT UNIX Client 6.1 SP2, ConnectionTimeout now returns an error message if no SSH service is offered.
- The return code for the SFTP client on Solaris SPARC is now consistent whether the B switch is specified or not.
- SCP2 no longer causes a core dump when host certificate authentication is enabled (that is, when the HostCertificateFile parameter is used instead of PublicHostKeyFile).
Supported Platforms in Version 6.1 SP2
For information about platform support in Reflection for Secure IT, see Technical Note 1944.
Security Update
Reflection for Secure IT UNIX Client and Server version 6.1 SP2 (or higher) contains a fix for a flaw in the signature verification of RSA public keys or certificates that could cause Reflection servers to accept forged signatures from a client, resulting in successful man-in-the-middle attacks. The vulnerability is described in US-CERT Vulnerability Note VU #845620. For more information, see Technical Note 2137.
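VU #845620 (the exponent-3 forgery class named in Technical Note 2137) affects verifiers that walk the PKCS#1 v1.5 padding, accept as soon as the expected hash appears, and never check the padding length or the bytes after the hash. The block below is an added illustration, not the product's code: a lax parser of that shape beside the hardened check that rebuilds the one valid encoding for the key size and compares the whole block. It works on the decoded block (the result of the RSA public operation), so no key is needed; the message and the malformed block in demo() are constructed.

```python
import hashlib
import hmac

# DigestInfo prefixes from RFC 3447 section 9.2, note 1
DIGEST_INFO = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "md5": bytes.fromhex("3020300c06082a864886f70d020505000410"),
}


def emsa_pkcs1_v15(message, em_len, hash_name="sha1"):
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo || H(M), exactly em_len bytes."""
    t = DIGEST_INFO[hash_name] + hashlib.new(hash_name, message).digest()
    if em_len < len(t) + 11:
        raise ValueError("encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t


def verify_lax(em, message, hash_name="sha1"):
    """Weak pattern: parse forward, accept once the hash is found, and never
    check the padding length or the bytes that follow the hash."""
    if em[:2] != b"\x00\x01":
        return False
    i = 2
    while i < len(em) and em[i] == 0xFF:
        i += 1
    if i >= len(em) or em[i] != 0x00:
        return False
    t = DIGEST_INFO[hash_name] + hashlib.new(hash_name, message).digest()
    return em[i + 1:i + 1 + len(t)] == t


def verify_strict(em, message, hash_name="sha1"):
    """Hardened check: rebuild the only valid encoding for this block size and
    compare the whole block, which enforces padding length and trailing bytes."""
    try:
        expected = emsa_pkcs1_v15(message, len(em), hash_name)
    except ValueError:
        return False
    return hmac.compare_digest(em, expected)


def demo(em_len=128):
    """Constructed case: a 1024-bit block whose padding was shortened and the
    freed bytes left after the hash; only the strict check rejects it."""
    msg = b"example session data"  # constructed
    good = emsa_pkcs1_v15(msg, em_len)
    t = good[-(len(DIGEST_INFO["sha1"]) + 20):]
    malformed = b"\x00\x01" + b"\xff" * 8 + b"\x00" + t
    malformed += b"\x00" * (em_len - len(malformed))
    return {"lax": verify_lax(malformed, msg), "strict": verify_strict(malformed, msg),
            "good_strict": verify_strict(good, msg)}
```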
Related Technical Notes
- 0200: Using the Attachmate Download Library (FAQ)
- 1899: Readme: Features Introduced in Reflection for Secure IT UNIX Client and Server 6.1
- 1910: Security Updates and Reflection for Secure IT 6.x
- 1944: Supported Platforms in Reflection for Secure IT Client and Server
- 2137: Reflection Security Updates for US-CERT Vulnerability #845620: RSA Public Exponent 3