Rollback: hmac-sha2-512 is just supported on newer systems

diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb
index 7498517083ce96cc31dda0b54f38acbee2c7a8c3..0f4bb1f8df5c6f2c0675a3c5aa56b98aab6b6bb2 100644 (file)
--- a/templates/sshd_config/CentOS.erb
+++ b/templates/sshd_config/CentOS.erb
@@ -146,7 +146,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/CentOS_Final.erb b/templates/sshd_config/CentOS_Final.erb
index 7498517083ce96cc31dda0b54f38acbee2c7a8c3..0f4bb1f8df5c6f2c0675a3c5aa56b98aab6b6bb2 100644 (file)
--- a/templates/sshd_config/CentOS_Final.erb
+++ b/templates/sshd_config/CentOS_Final.erb
@@ -146,7 +146,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb
index 75b29318acf1fabb5bebda66837c93de6063223a..ef4a5d106dd62a89eeceace0c9e62badb3385bbf 100644 (file)
--- a/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@ -114,7 +114,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb
index 3aaf974d3efa97c1e1b222f283c661ebe7367044..8cbea306b12d988a3183b0208b23fb79af4cdf1d 100644 (file)
--- a/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@ -119,7 +119,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/Debian_squeeze.erb b/templates/sshd_config/Debian_squeeze.erb
index 40040d1b0a01969e5bbfaf28bcd6a919605e0797..befd25fe7e9841b9a676afdeb01e37c28d12866b 100644 (file)
--- a/templates/sshd_config/Debian_squeeze.erb
+++ b/templates/sshd_config/Debian_squeeze.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/FreeBSD.erb b/templates/sshd_config/FreeBSD.erb
index 81b7e10285497a3047f852e79e347ea9506e7dfd..090149b8ea01a5379373887127b6e05239c354e1 100644 (file)
--- a/templates/sshd_config/FreeBSD.erb
+++ b/templates/sshd_config/FreeBSD.erb
@@ -153,7 +153,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb
index cdd51d845bb1a3ba0af9887d0116db8ad68efd0a..1cb45227c7a707db210d8b004629e61076c0a388 100644 (file)
--- a/templates/sshd_config/Gentoo.erb
+++ b/templates/sshd_config/Gentoo.erb
@@ -149,7 +149,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb
index ea6e8a859068e4d76879549df1b78b005bbc2da9..aa92eb66a983924c3bb10f959adbd8d11874c071 100644 (file)
--- a/templates/sshd_config/OpenBSD.erb
+++ b/templates/sshd_config/OpenBSD.erb
@@ -130,7 +130,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/Ubuntu.erb b/templates/sshd_config/Ubuntu.erb
index 40040d1b0a01969e5bbfaf28bcd6a919605e0797..befd25fe7e9841b9a676afdeb01e37c28d12866b 100644 (file)
--- a/templates/sshd_config/Ubuntu.erb
+++ b/templates/sshd_config/Ubuntu.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>

diff --git a/templates/sshd_config/Ubuntu_lucid.erb b/templates/sshd_config/Ubuntu_lucid.erb
index 4d5f6405de583bfa378d5fff6c4dbf69d79ddce5..cc6e921b4d28d59545ffae0711908fd60d65ec29 100644 (file)
--- a/templates/sshd_config/Ubuntu_lucid.erb
+++ b/templates/sshd_config/Ubuntu_lucid.erb
@@ -118,7 +118,7 @@ PrintMotd <%= scope.lookupvar('sshd::print_motd') %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>