SSHD is setup with unsecured cyphers like CBC (see https://www.kb.cert.org/vuls/id/958563). These cyphers should be removed.
There is already a PR filed here: https://github.com/jenkinsci/sshd-module/pull/5. This will also need to be integrated in core hence this ticket.
- is related to
-
JENKINS-33021 trilead ssh MAC and key exchange algorithms severely outdated
-
- Resolved
-
- links to
[JENKINS-39805] Remove unsafe cyphers of SSHD module
Remote Link | New: This issue links to "sshd-module - PR#5 (Web Link)" [ 15054 ] |
Labels | New: security |
Link |
New:
This issue is related to |
Resolution | New: Fixed [ 1 ] | |
Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Assignee | New: Oleg Nenashev [ oleg_nenashev ] |
Ideally also makes sense to add new Ciphers, but it is blocked by
JENKINS-33021