Description
The SSH server is configured to allow either MD5 or 96-bit MAC algorithms,
both of which are considered weak. Note that this plugin only checks for the options
of the SSH server and does not check for vulnerable software versions.
Solution
Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
Resolução do problema base CentOS / Red Hat Linux
Editar o /etc/ssh/sshd_config e adicionar:
Código: Selecionar todos
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
MACs hmac-sha1,hmac-ripemd160
Código: Selecionar todos
/etc/init.d/sshd reload
/etc/init.d/sshd restart