Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

SSH Cipher, SSH Hmac Version

Anyone can provide me the step of SSH Server Cipher and Hmac Version to change.

Thanks 

Win

0 Kudos
Reply
10 Replies
Champion
Champion

Honestly - no comprendo señor, can you please detail what you want to achieve ?

0 Kudos
Reply

Hi G_W_Albrecht,

 

I mean, I want to change ssh cipher to strong encryption  example ( ciphers aes256-cbc) and also hmac want to do the same

Thanks,

Win

0 Kudos
Reply
Contributor

To change SSH Ciphers you have to edit this file:

 

etc/ssh/sshd_config

 

regards

Roman

0 Kudos
Reply

Hi Roman_Niewiad01

 

Meaning we need to access with winscp and edit sshd_config file? How about cipher hmac file? 

0 Kudos
Reply
Advisor

Take a look at this thread.

It should explain the process to you 😉

0 Kudos
Reply

Hi Roman

 

I see brother. I found this on the checkpoint. 

# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

 

Cipher aes256-ctr

Are we able to change this? How about for Cipher 3des can change to higher version? 

 

Best Regards,

Win

 

0 Kudos
Reply
Contributor

The last two lines in this files are the settings for the encryption.
If you are using R77.30 it could be, that the sshd is to old and the new settings don`t take affect.
0 Kudos
Reply

Hi Roman,

 

Nope we are using R80.10 

0 Kudos
Reply
Collaborator

You just need to modify the lines in /etc/ssh/ssh_config and /etc/ssh/sshd_config and restart sshd to take effect.

 

 

0 Kudos
Reply
Collaborator

In my /etc/ssh/sshd_config:
Ciphers aes256-ctr,aes128-ctr,aes192-ctr
MACs hmac-sha1

This will force other machines connecting via ssh to use those Cipers and MACs
0 Kudos
Reply