Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

SSH Cipher, SSH Hmac Version

Anyone can provide me the step of SSH Server Cipher and Hmac Version to change.

Thanks 

Win

0 Kudos
10 Replies
Highlighted
Sapphire

Honestly - no comprendo señor, can you please detail what you want to achieve ?

0 Kudos
Highlighted

Hi G_W_Albrecht,

 

I mean, I want to change ssh cipher to strong encryption  example ( ciphers aes256-cbc) and also hmac want to do the same

Thanks,

Win

0 Kudos
Highlighted

To change SSH Ciphers you have to edit this file:

 

etc/ssh/sshd_config

 

regards

Roman

0 Kudos
Highlighted

Hi Roman_Niewiad01

 

Meaning we need to access with winscp and edit sshd_config file? How about cipher hmac file? 

0 Kudos
Highlighted
Silver

Take a look at this thread.

It should explain the process to you 😉

0 Kudos
Highlighted

Hi Roman

 

I see brother. I found this on the checkpoint. 

# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

 

Cipher aes256-ctr

Are we able to change this? How about for Cipher 3des can change to higher version? 

 

Best Regards,

Win

 

0 Kudos
Highlighted

The last two lines in this files are the settings for the encryption.
If you are using R77.30 it could be, that the sshd is to old and the new settings don`t take affect.
0 Kudos
Highlighted

Hi Roman,

 

Nope we are using R80.10 

0 Kudos
Highlighted
Copper

You just need to modify the lines in /etc/ssh/ssh_config and /etc/ssh/sshd_config and restart sshd to take effect.

 

 

0 Kudos
Highlighted
Copper

In my /etc/ssh/sshd_config:
Ciphers aes256-ctr,aes128-ctr,aes192-ctr
MACs hmac-sha1

This will force other machines connecting via ssh to use those Cipers and MACs
0 Kudos