Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Linux Security Policy: Ensure only strong ciphers are used remediation steps don't work on Ubuntu 24.04 #452

Open
tas50 opened this issue Nov 18, 2024 · 1 comment
Assignees
Labels
bug Something isn't working

Comments

@tas50
Copy link
Member

tas50 commented Nov 18, 2024

Describe the bug
Linux Security Policy: Ensure only strong ciphers are used remediation steps don't work on Ubuntu 24.04

The following failure occurs after using the ciphers the policy recommends:

[failed] sshd.config.ciphers != empty
sshd.config.ciphers.containsOnly(props.mondooLinuxSecuritySshdCiphers)

  [ok] value: [
    0: "chacha20-poly1305@openssh.com"
    1: "aes256-gcm@openssh.com"
    2: "aes128-gcm@openssh.com"
    3: "aes256-ctr"
    4: "aes192-ctr"
    5: "aes128-ctr"
  ]
  [failed] [].containsOnly()
    expected: == _
    actual:   [
      0: "chacha20-poly1305@openssh.com"
      1: "aes256-gcm@openssh.com"
      2: "aes128-gcm@openssh.com"
    ]
@chris-rock chris-rock added the bug Something isn't working label Nov 19, 2024
@mm-weber mm-weber self-assigned this Nov 21, 2024
@mm-weber
Copy link
Contributor

Image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants