Displaying 3 results from an estimated 3 matches for "keyalgos".
2016 Oct 19
2
SSH Weak Ciphers
...tr
> MACs hmac-sha2-512-etm at openssh.com,hmac-sha2-256-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128 at openssh.com
>
> On CentOS 6, I believe you'd have to drop all of the @openssh.com items.
Is there any command to find the supported list of KeyAlgos, MACs and Ciphers for
the particular system (e.g. EL{5,6,7})? Similar to $ openssl ciphers -v ...
>> Is just using these three ciphers like to cause me
>> any problems? Could having so few ciphers be creating a security concern
>> itself?
>
> I don't think it'...
2016 Oct 19
0
SSH Weak Ciphers
On 2016-10-19 03:11, Leon Fauster wrote:
> Is there any command to find the supported list of KeyAlgos, MACs and
> Ciphers for
> the particular system (e.g. EL{5,6,7})? Similar to $ openssl ciphers
> -v ...
The supported KexAlgorithms, Ciphers, and MACs are generally listed in
the sshd_config man page. So 'man sshd_config' then look for the
section of the item of interest.
Er...
2016 Oct 18
7
SSH Weak Ciphers
Hi,
In a recent security review some systems I manage were flagged due to
supporting "weak" ciphers, specifically the ones listed below. So first
question is are people generally modifying the list of ciphers supported by
the ssh client and sshd?
On CentOS 6 currently it looks like if I remove all the ciphers they are
concerned about then I am left with Ciphers