How To Disable 96-bit HMAC Algorithms And MD5-based HMAC Algorithms On Solaris sshd (Doc ID 1682164.1)

Last updated on MARCH 05, 2017

Applies to:

Solaris Operating System - Version 10 3/05 HW2 to 11.3 [Release 10.0 to 11.0]
Solaris Operating System - Version 10 3/05 and later
Information in this document applies to any platform.

Symptoms

 

The security scanner reported following vulnerabilities on Solaris regarding SunSSH sshd (secure shell daemon):


Vulnerability Info for Vuln_id= 78685
App Id 59
Application SSH
Vuln Name SSH Insecure HMAC Algorithms Enabled
Vuln Score 131
Advisories
nCircle CVSS Base Score: 4.0
Risk Remote Access
Skill No Known Exploit
Strategy Data-Driven Attack
Description
DESCRIPTION :

Insecure HMAC Algorithms are enabled

SOLUTION:

Disable any 96-bit HMAC Algorithms.
Disable any MD5-based HMAC Algorithms.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms