hmac-ripemd160 no longer available on openssh 7.6 and newer (2017+) #8212
Comments
msmeissn
changed the title
|
This is not available on Ubuntu 22.04 either. Bug encountered in version 0.1.68 at the same point. This prevents SSHD from starting. Recommend checking sshd_config.5 man file for valid ciphers, algorithms, and MACs as part of the automatic fix. |
|
FYI @dodys |
|
This is being addressed in #10739 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description of problem:
linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs remediation tries to inject a "hmac-ripemd160" hmac.
this is not available on SLES 15.
It was removed with openssh 7.6 upstream in 2017, so it probably can go away here too.
https://www.openssh.com/txt/release-7.6
SCAP Security Guide Version:
0.1.60
Operating System Version:
SUSE Linux Enterprise Server 15 SP2
Steps to Reproduce:
Actual Results:
sshd no longer starts, complains about "MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160" line
Expected Results:
sshd starts
Additional Information/Debugging Steps:
The text was updated successfully, but these errors were encountered: