few vulnerabilites have been reported in my R81.20 cluster on AWS.. prominently i am looking to resolve weak kex and MaCs.
from GAIA i ran -> set ssh server kex ___ off & set ssh server mac ___ off for the reported ones however they were still getting detected.
Just to check I then ran
sshd -T -C addr=localhost | grep -i mac
and the output says i have hmac-1 enabled although i have disabled it via GAIA commands.( same goes for disabled weak kex)
I then tried to edit /etc/ssh/sshd_config file but it seems like in R81.20 it is read only.. i am not sure how to proceed on this.
Any help is appreciated.