[PLUG] How to disable 'SSH server CBC Mode Ciphers' in CentOS 8.3.2011?

Arun Khan knura9 at gmail.com
Mon Nov 1 00:29:01 IST 2021


I see this has remained unanswered for a while now.
Ignore if you have already found the solution.

For posterity ...

On Mon, Jun 21, 2021 at 10:08 PM Amey Abhyankar via plug-mail <
plug-mail at plug.org.in> wrote:

> Hello All,
>
> Google indicated that I need to remove those entries from sshd_config in
> my CentOS 8.3
> But,
> I don't have those entries in my sshd_conf & in ssh_conf files.
> It's the VAPT tool that has detected that CBC Mode Ciphers are enabled on
> port 2
>


>
> Any hints on how to disable it? Thanks.
>

A search with your subject line copy/pasted lead me to this
https://forums.centos.org/viewtopic.php?t=69503

Read the answer further in the discussion thread ...
"Actually you answered your question. Define all but the weak ones.
Configure sshd - for the server and ssh - for connections from this
machine."


> BTW I am using password based auth. No auth via public key as it's a
> on-prem vm with private IP only.
>

Private or Public IPs -- follow the best practice.

--
Arun Khan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.plug.org.in/pipermail/plug-mail/attachments/20211031/b034df4c/attachment.htm>


More information about the plug-mail mailing list