[CentOS] Notes on openssh configuration

Sun Jan 29 22:35:25 UTC 2017
Leon Fauster <leonfauster at googlemail.com>

> Am 27.01.2017 um 19:03 schrieb Leonard den Ottolander <leonard at den.ottolander.nl>:
> You might want to add
> MACs hmac-sha2-512-etm at openssh.com,hmac-sha2-512,hmac-sha2-256-etm at openssh.com,hmac-sha2-256,hmac-sha1-etm at openssh.com,hmac-sha1,hmac-ripemd160-etm at openssh.com,hmac-ripemd160 at openssh.com,hmac-ripemd160,umac-128 at openssh.com,umac-128-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-sha1-96,umac-64-etm at openssh.com,umac-64 at openssh.com
> to your C7 ssh_config and sshd_config, or
> MACs hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,umac-64 at openssh.com,hmac-sha1-96
> to your C6 ssh_config and sshd_config.

The next EL6 release (6.9) will have them marked as deprecated algorithms (disabled by default).