disabling "weak" algorithms in sshd
Shamim Shahriar
shamim.shahriar at gmail.com
Mon Feb 17 15:09:17 UTC 2020
Good afternoon all
I had been googling for quite some time and so far came up empty, maybe
someone can shed some light or point me to the correct direction.
I have introduced a bunch of servers into an infrastructure that previously
had zero FreeBSD system. They make use of Tenable Security Centre (
tenable.com) which I believe used Nessus in the backend to identify
vulnerabilities. Amongst other things, it is picking up on (tenable/nessus
plugin ID 90317) "SSH Weak Algorithms Supported) because the server allows
"none" algorithms.
Is there any way to "select" or "selectively disable" algorithms and hashes
from sshd? According to various web sources, certain implementation on
certain distributions might have options to amend the list, but none of the
examples I have found worked on my FreeBSD system.
Would appreciate if someone could please point me to the correct direction.
Kind regards
SK
More information about the freebsd-questions
mailing list