23 lines
1.1 KiB
Diff
23 lines
1.1 KiB
Diff
|
diff --git a/security.conf b/security.conf
|
||
|
|
index e5d39e2..30b9f54 100644
|
||
|
|
--- a/security.conf
|
||
|
|
+++ b/security.conf
|
||
|
|
@@ -74,7 +74,7 @@
|
||
|
|
112@m@/etc/ssh/sshd_config@Banner @/etc/issue.net
|
||
|
|
|
||
|
|
# Set sshd message authentication code algorithm
|
||
|
|
-113@m@/etc/ssh/sshd_config@MACs @hmac-sha2-512,hmac-sha2-512-etm@@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@@openssh.com,hmac-sha1,hmac-sha1-etm@@openssh.com
|
||
|
|
+113@m@/etc/ssh/sshd_config@MACs @hmac-sha2-512,hmac-sha2-512-etm@@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@@openssh.com
|
||
|
|
|
||
|
|
# Make sshd check file modes and ownership of the user's files and home directory before accepting login
|
||
|
|
114@m@/etc/ssh/sshd_config@StrictModes @yes
|
||
|
|
@@ -95,7 +95,7 @@
|
||
|
|
120@m@/etc/ssh/sshd_config@PermitTunnel @no
|
||
|
|
|
||
|
|
#CVE-2015-4000
|
||
|
|
-121@m@/etc/ssh/sshd_config@KexAlgorithms@ curve25519-sha256,curve25519-sha256@@libssh.org,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
|
||
|
|
+121@m@/etc/ssh/sshd_config@KexAlgorithms@ curve25519-sha256,curve25519-sha256@@libssh.org,diffie-hellman-group-exchange-sha256
|
||
|
|
|
||
|
|
130@systemctl@sshd.service@restart
|
||
|
|
|