You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The people responsible for PNNL network hygiene routinely scan our perfSONAR hosts. People from big DOE also scan our perfSONAR hosts. The managers at PNNL want a squeaky clean report from both the big DOE and PNNL scanners. To get that that they want us to disable certain SSH ciphers.
Would you please update the perfSONAR configuration scripts to append these three lines to /etc/ssh/sshd_config so that our local fix doesn't get overwritten in the future? I see you're already forcing SSH Protocol 2, which is a great start.
This is essentially a duplicate of #97, in which we have already disabled these weak ciphers. We will be revisiting this again before the 4.0 final release.
Via perfsonar-users:
Good afternoon,
The people responsible for PNNL network hygiene routinely scan our perfSONAR hosts. People from big DOE also scan our perfSONAR hosts. The managers at PNNL want a squeaky clean report from both the big DOE and PNNL scanners. To get that that they want us to disable certain SSH ciphers.
Would you please update the perfSONAR configuration scripts to append these three lines to /etc/ssh/sshd_config so that our local fix doesn't get overwritten in the future? I see you're already forcing SSH Protocol 2, which is a great start.
Thank you and best regards,
Bill Nickless / bill.nickless@pnnl.gov / +1 509 713 2455
The text was updated successfully, but these errors were encountered: