Oracle Linux: SSH Vulnerability Remediation for Cipher and MACs for Oracle Linux 8
(Doc ID 3017685.1)
Last updated on SEPTEMBER 26, 2024
Applies to:
Linux OS - Version Oracle Linux 8.0 and laterLinux x86-64
Symptoms
For remediation of the weak Cipher and MACs as reported by different scanners, the different approach to rectify the config file of SSH are tried and still the rescan is reporting the same Vulnerability.
eg:- aes256-cbc & aes128-cbc reported for Ciphers and hmac-sha1 & hmac-sha1-etm@openssh.com reported for MACs
Changes
SSH config changes are made to make sure the weak MAC's & Ciphers are removed and remaining values are as given below:
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |