I see this has remained unanswered for a while now. Ignore if you have already found the solution.
For posterity ... On Mon, Jun 21, 2021 at 10:08 PM Amey Abhyankar via plug-mail < plug-mail@plug.org.in> wrote: > Hello All, > > Google indicated that I need to remove those entries from sshd_config in > my CentOS 8.3 > But, > I don't have those entries in my sshd_conf & in ssh_conf files. > It's the VAPT tool that has detected that CBC Mode Ciphers are enabled on > port 2 > > > Any hints on how to disable it? Thanks. > A search with your subject line copy/pasted lead me to this https://forums.centos.org/viewtopic.php?t=69503 Read the answer further in the discussion thread ... "Actually you answered your question. Define all but the weak ones. Configure sshd - for the server and ssh - for connections from this machine." > BTW I am using password based auth. No auth via public key as it's a > on-prem vm with private IP only. > Private or Public IPs -- follow the best practice. -- Arun Khan
_______________________________________________ plug-mail mailing list plug-mail@plug.org.in http://list.plug.org.in/listinfo/plug-mail
