Hi, I am running openssh-server-7.4p1-21.el7.x86_64 on CentOS Linux release 7.9.2009 (Core). #cat /etc/redhat-release CentOS Linux release 7.9.2009 (Core) #rpm -qa | grep -i ssh openssh-clients-7.4p1-21.el7.x86_64 libssh2-1.8.0-4.el7.x86_64 openssh-7.4p1-21.el7.x86_64 openssh-server-7.4p1-21.el7.x86_64 # I have configured the below SSH configuration as part of hardening to address vulnerabilities. KexAlgorithms curve25519-sha256,curve25519-sha256@xxxxxxxxxx > ,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256 > Ciphers chacha20-poly1305@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx, > aes128-gcm@xxxxxxxxxxx,aes256-ctr,aes192-ctr,aes128-ctr > MACs hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx Is there a way to validate if the above Key exchange, Cipher and MAC algorithms address the vulnerabilities? Please guide. Thanks in advance. Best Regards, Kaushal _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
