[Ach] openssh recommendataions: overview of algorithms in different versions

Martin Steigerwald martin at lichtvoll.de
Sun Nov 11 20:35:42 CET 2018


No cc needed, I am subscribed.

Tobias Mueller - 11.11.18, 19:00:
> On Sun, 2018-11-11 at 18:56 +0100, Martin Steigerwald wrote:
> > At least for Debian 9 ssh-audit complains about quite some insecure
> > ciphers, MACs and key exchange algorithms if I leave the settings as
> > default. Thus I changed them.
> 
> sounds like filing a bug is appropriate, then.

I do not think Debian OpenSSH maintainers would introduce a behavioral 
change like this during a stable cycle. Well they could warn about this 
and recommend to secure the settings, but just updating? Not without a 
warning at least.

Thanks,
-- 
Martin




More information about the Ach mailing list