Oracle Linux: SSH Security Configuration Rollback Problem
(Doc ID 3004969.1)
Last updated on FEBRUARY 26, 2024
Applies to:
Oracle Cloud Infrastructure - Version N/A and laterLinux OS - Version Oracle Linux 7.0 to Oracle Linux 9.3 [Release OL7 to OL9U3]
Information in this document applies to any platform.
Symptoms
When attempting to disable weak cipher and insecure HMAC algorithms in SSH services following the instructions provided in this documentation: https://community.oracle.com/customerconnect/discussion/668444/how-to-disable-weak-ciphers-such-as-cipher-block-chaining-cbc-ciphers-on-oracle-linux, the changes made to the configuration files (/etc/ssh/sshd_config and /etc/sysconfig/sshd) are automatically reverting to their original settings after a certain period.
Changes
Change the configuration files (/etc/ssh/sshd_config and /etc/sysconfig/sshd) to disable the HMAC MD5 and the CBC ciphers.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |