folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
CBL-Mariner/SPECS/openssh
History
Christopher Co 4c70113d49
openssh: Use strong MACs and ciphers for ssh/sshd (#2857) 
By default, ssh and sshd are configured to allow using weak hashing
algorithms like MD5 and SHA1. They are also configured to use weak
encryption ciphers such as 3DES and CBC mode ciphers.

Configure ssh and sshd to use strong MAC and encryption ciphers by
default.

Strong MACs are hmac-sha2 (hmac-sha2-256, hmac-sha2-512)
Strong ciphers are aes128-ctr, aes192-ctr, aes256-ctr.

Signed-off-by: Chris Co <chrco@microsoft.com>
 		2022-04-22 22:56:25 -07:00
..
CVE-2007-2768.nopatch OpenSSH: No patch CVE-2007-2768 (#315) 2020-11-05 08:00:22 -08:00
CVE-2019-16905.patch Updating 'openssh' to 8.5p1 to fix CVE-2021-28041. (#737) (#738) 2021-03-11 18:43:17 -08:00
openssh.signatures.json Simplify OpenSSH Systemd triggers (#2709) 2022-04-21 22:16:13 +01:00
openssh.spec openssh: Use strong MACs and ciphers for ssh/sshd (#2857) 2022-04-22 22:56:25 -07:00
pam_ssh_agent-rmheaders Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
pam_ssh_agent_auth-0.9.2-visibility.patch Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
pam_ssh_agent_auth-0.9.3-agent_structure.patch Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
pam_ssh_agent_auth-0.9.3-build.patch Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
pam_ssh_agent_auth-0.10.2-compat.patch Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
pam_ssh_agent_auth-0.10.2-dereference.patch Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
pam_ssh_agent_auth-0.10.3-seteuid.patch Adding 'pam*' subpackages. (#1474) 2021-09-30 13:10:01 -07:00
sshd-keygen.service Initial CBL-Mariner commit to GitHub 2020-08-06 20:17:52 -07:00
sshd.service add wants=sshd-keygen.service to sshd (#58) 2020-09-15 08:38:08 -07:00