Contents
【Nessus】SSH Weak Algorithms Supported 等
<!–more–>
相关问题
1 SSH Server CBC Mode Ciphers Enabled
2 SSH Weak MAC Algorithms Enabled
3 SSH Weak Algorithms Supported
修复方案
1 编辑 sshd 配置文件 /etc/ssh/sshd_config
2 默认情况
# default is aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
# aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
# aes256-cbc,arcfour
# default is hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
建议修改为
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs umac-64@openssh.com,hmac-ripemd160
建议先在虚拟机上测试一下,修改配置后能否重新连接 ssh 。
之后重启 ssh 服务
systemctl restart sshd
Leave a Reply