[CentOS] Notes on openssh configuration

Fri Jan 27 21:56:04 UTC 2017
Gordon Messmer <gordon.messmer at gmail.com>

On 01/27/2017 10:59 AM, Leonard den Ottolander wrote:
> https://en.wikipedia.org/wiki/MD5  seems to disagree:


No, it doesn't.  That page links to RFC 6151, which notes:

"It is not urgent to stop using MD5 in other ways, such as HMAC-MD5"

There's nothing wrong with disabling hmac-md5 in your own 
configurations.  I do it.  But having it enabled is not considered by 
experts to be a flaw, and it should not be alarming.