mediumaccess-controlverified ✓rollback-safe
Configure SSH to use FIPS-validated key exchange algorithms (Ubuntu)
ssh-kex-fips-ubuntu · UBUNTU ≥ 22 · 1 impl
Description
The SSH server must be configured to use only FIPS 140-3 validated key exchange algorithms. Ubuntu's approved set is broader than RHEL's (it adds the diffie-hellman-group16-sha512 and -group14-sha256 algorithms), so this rule carries the Ubuntu-specific allowlist and remediation value.
Rationale
FIPS-validated key exchange algorithms protect the establishment of the session key against cryptographic attack. Restricting the SSH server to the approved set prevents negotiation of a weaker exchange.
Check → Remediate
Checkcommand
command -v sshd >/dev/null 2>&1 || exit 0
kex=$(sshd -T 2>/dev/null | awk '/^kexalgorithms /{print $2}')
if [ -z "$kex" ]; then
echo "FAIL: could not read effective key exchange algorithms (sshd -T needs root)"
exit 1
fi
if echo "$kex" | tr ',' '\n' | grep -qvE '^(ecdh-sha2-nistp256|ecdh-sha2-nistp384|ecdh-sha2-nistp521|diffie-hellman-group-exchange-sha256|diffie-hellman-group16-sha512|diffie-hellman-group14-sha256)$'; then
echo "FAIL: non-FIPS key exchange algorithm in effective config: $kex"
exit 1
fi
echo "OK: $kex"
- expected_exit:
- 0
Remediateconfig_set_dropin
- dir:
- /etc/ssh/sshd_config.d
- file:
- 00-kensa-fips-kex.conf
- key:
- KexAlgorithms
- value:
- ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256
- restart:
- sshd
Framework references
STIG
V-270669 / UBTU-24-100840V-260533 / UBTU-22-255060
NIST 800-53
SC-8SC-13
Live verification
ubuntu22:checkubuntu24:checkubuntu26:check
#ssh#fips#kex#cryptography#stig