SSH Weak Cipher Algorithm 조치

# vi /etc/ssh/sshd_config

 

주석처리 : #HostKey /etc/ssh/ssh_host_ecdsa_key

 

내용추가 : KexAlgorithms, ciphers, macs 각 1줄씩

 

KexAlgorithms diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,curve25519-sha256@libssh.org
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com

 

# service sshd restart