My Oracle Support Banner

[PCA 2.x] SSH Weak Message Authentication Code Algorithms (Doc ID 2870228.1)

Last updated on NOVEMBER 12, 2023

Applies to:

Private Cloud Appliance - Version 2.3.1 and later
Linux x86-64

Symptoms

A customer-performed security scan may flag the following issue:

SSH Weak Message Authentication Code Algorithms

Description:

The SSH server supports cryptographically weak Hash-based message authentication codes (HMACs) including MD5 or 96-bit Hash-based algorithms.

Vulnerability Solution:

Consult the product documentation for instructions to disable any insecure MD5 or 96-bit HMAC algorithms within the SSH configuration.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.