Hanno Böck - 11.11.18, 12:53: > Here's my recommendation for OpenSSH algorithm security: > Don't touch the default settings.
At least for Debian 9 ssh-audit complains about quite some insecure ciphers, MACs and key exchange algorithms if I leave the settings as default. Thus I changed them. Thing: While upstream may have done the work to deprecate unsafe settings and remove them… there is a delay till this work hits stable distributions. For SLES and RHEL this may take even quite a bit longer than with Debian. I'd rather not wait. -- Martin _______________________________________________ Ach mailing list [email protected] https://lists.cert.at/cgi-bin/mailman/listinfo/ach
