Skip to content

Commit

Permalink
reprioritize etm macs
Browse files Browse the repository at this point in the history 
See:

* dev-sec/chef-ssh-hardening#66
* https://stribika.github.io/2015/01/04/secure-secure-shell.html

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
  • Loading branch information
@arlimus
arlimus committed Jan 13, 2015
1 parent 23376a5 commit 6e8ffbd
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion default/serverspec/ssh_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ def valid_kexs

def valid_macs
# define a set of default MACs
macs66 = 'hmac-sha2-512-etm@openssh.com,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-256,umac-128-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-ripemd160'
macs66 = 'hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160'
macs59 = 'hmac-sha2-512,hmac-sha2-256,hmac-ripemd160'
macs53 = 'hmac-ripemd160,hmac-sha1'
macs = macs59
Expand Down

0 comments on commit 6e8ffbd

Please sign in to comment.