Back to hmac-sha1 as hmac-sha2-512 prevented squeeze systems to connect

author Silvio Rhatto <rhatto@riseup.net>

Sat, 20 Jul 2013 15:43:46 +0000 (12:43 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Sat, 20 Jul 2013 15:43:46 +0000 (12:43 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Sat, 20 Jul 2013 15:43:46 +0000 (12:43 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Sat, 20 Jul 2013 15:43:46 +0000 (12:43 -0300)
diff --git a/templates/sshd_config/Debian_sid.erb b/templates/sshd_config/Debian_sid.erb

index 60c15fa841e97c9a8c698cf2048f37c536ba1f32..70bb4bfc6799e34269faee2e8085c7681d319186 100644 (file)
--- a/templates/sshd_config/Debian_sid.erb
+++ b/templates/sshd_config/Debian_sid.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
  
  <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
  Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
  <% end -%>
  
  <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_wheezy.erb b/templates/sshd_config/Debian_wheezy.erb

index 60c15fa841e97c9a8c698cf2048f37c536ba1f32..70bb4bfc6799e34269faee2e8085c7681d319186 100644 (file)
--- a/templates/sshd_config/Debian_wheezy.erb
+++ b/templates/sshd_config/Debian_wheezy.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
  
  <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
  Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
  <% end -%>
  
  <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
author	Silvio Rhatto <rhatto@riseup.net>
	Sat, 20 Jul 2013 15:43:46 +0000 (12:43 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Sat, 20 Jul 2013 15:43:46 +0000 (12:43 -0300)
templates/sshd_config/Debian_sid.erb		patch \| blob \| history
templates/sshd_config/Debian_wheezy.erb		patch \| blob \| history