Fedora 27: Weak SSH Algorithms Supported

Created: 27 April 2016  Modified:

Recently my workstation was scanned for vulnerabilities and the Nessus scanning software reported a medium vulnerability of “SSH Weak Algorithms Supported”. The Vulnerability report had few details. Luckily I was able to find the folowing resources.

Add the following snippet to the end of your ssh_config file to disable the weak algorithms.


Protocol 2

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128 

MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160
tags: fedora - nessus - cbc - cipher block chaining - ssh - weak - algorithm
   Less Is More