My Oracle Support Banner

Oracle Linux: SSH Security Configuration Rollback Problem (Doc ID 3004969.1)

Last updated on FEBRUARY 26, 2024

Applies to:

Oracle Cloud Infrastructure - Version N/A and later
Linux OS - Version Oracle Linux 7.0 to Oracle Linux 9.3 [Release OL7 to OL9U3]
Information in this document applies to any platform.

Symptoms

When attempting to disable weak cipher and insecure HMAC algorithms in SSH services following the instructions provided in this documentation: https://community.oracle.com/customerconnect/discussion/668444/how-to-disable-weak-ciphers-such-as-cipher-block-chaining-cbc-ciphers-on-oracle-linux, the changes made to the configuration files (/etc/ssh/sshd_config and /etc/sysconfig/sshd) are automatically reverting to their original settings after a certain period.

Changes

Change the configuration files (/etc/ssh/sshd_config and /etc/sysconfig/sshd) to disable the HMAC MD5 and the CBC ciphers.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.