openssh unix dev - May 2016 - CBC Ciphers removal from AIX Servers

Hi,
Nessus tool identified AIX servers are configured with vulnerable ciphers.As a
remediation I have made proper changes in sshd_config file. Stop the sshd daemon
and start sshd?
Still Issue persist. I have checked on one system post system reboot
vulnerabilities went off.?
Is there any other way by which I can remove the vulnerabilities without
rebooting the servers.
Sunil

SCK wrote :
> Hi,
> Nessus tool identified AIX servers are configured with vulnerable
ciphers.As a remediation I have made proper changes in sshd_config file. Stop
the sshd daemon and start sshd?
> Still Issue persist. I have checked on one system post system reboot
vulnerabilities went off.?
> Is there any other way by which I can remove the vulnerabilities without
rebooting the servers.
> Sunil
>From what you write, it looks like "something" needs to be
restarted,
not only the sshd daemon.

I remember hitting a bug on AIX a few years ago [1]. It was linked
to CryptoLite library (some acceleration lib for crypto operation).
That library came with a kernel module. May be you should have a
look there ? Just an idea.

HTH,

Flavien.
[1] : http://thread.gmane.org/gmane.network.openssh.devel/19176