Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gmmastros on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windos OpenSSH server vulnerability

Status
Not open for further replies.

jamescpp

IS-IT--Management
Aug 29, 2001
70
US
Hello. I have not been able to find an answer to this after hours of searching. Hoping someone here knows the answer.

I'm running Microsoft's OpenSSH server on Server 2022. It's working fine but my vulnerability scanner is saying:
[ul]
[li]Insecure MAC algorithms in use: umac-64-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,hmac-sha1
[/li]
[/ul]

I have the following setup in sshd_config and I've restarted the service.
[ul]
[li]
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,
diffie-hellman-group-exchange-sha256
MACs hmac-sha2-256,hmac-sha2-512,hmac-sha1
[/li]
[/ul]

Vulnerability remains. Anyone know how to fix this?

Thanks.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top