Date: Mon, 17 Feb 2020 15:09:04 +0000 From: Shamim Shahriar <shamim.shahriar@gmail.com> To: "freebsd-questions@FreeBSD.org" <freebsd-questions@freebsd.org> Subject: disabling "weak" algorithms in sshd Message-ID: <CAOyJeZTbbkpznciYMaCOWswrtDDbo9AGiBdw3i6tcaz__CjS%2BQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Good afternoon all I had been googling for quite some time and so far came up empty, maybe someone can shed some light or point me to the correct direction. I have introduced a bunch of servers into an infrastructure that previously had zero FreeBSD system. They make use of Tenable Security Centre ( tenable.com) which I believe used Nessus in the backend to identify vulnerabilities. Amongst other things, it is picking up on (tenable/nessus plugin ID 90317) "SSH Weak Algorithms Supported) because the server allows "none" algorithms. Is there any way to "select" or "selectively disable" algorithms and hashes from sshd? According to various web sources, certain implementation on certain distributions might have options to amend the list, but none of the examples I have found worked on my FreeBSD system. Would appreciate if someone could please point me to the correct direction. Kind regards SK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOyJeZTbbkpznciYMaCOWswrtDDbo9AGiBdw3i6tcaz__CjS%2BQ>