CBC Ciphers has been declared weak but remain present in many of the servers.
Mostly ssh kept it in the default setting in its config.
https://www.suse.com/security/cve/CVE-2008-5161/
If you are paranoid user you can edit /etc/ssh/sshd_config and/or /etc/ssh/ssh_config
and remove cbc ciphers from the Cipher list.
Mostly ssh kept it in the default setting in its config.
https://www.suse.com/security/cve/CVE-2008-5161/
If you are paranoid user you can edit /etc/ssh/sshd_config and/or /etc/ssh/ssh_config
and remove cbc ciphers from the Cipher list.
No comments:
Post a Comment