Bug 1375179
Summary: | [RFE] RC4 and CBC ciphers shipped with openssh and openssh-server should be removed | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Muhammad Azhar Shaikh <mdshaikh> |
Component: | openssh | Assignee: | Jakub Jelen <jjelen> |
Status: | CLOSED ERRATA | QA Contact: | Hubert Kario <hkario> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.2 | CC: | mgrepl, nmavrogi, szidek, thibaut.pouzet |
Target Milestone: | rc | Keywords: | FutureFeature |
Target Release: | 7.4 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | openssh-7.4p1-1.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-08-01 18:42:47 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1335929, 1377248 |
Comment 2
Jakub Jelen
2016-09-14 11:16:01 UTC
While we're at it - can we also remove the arcfour ciphers? My security scanner (Greenbone) reports: > Vulnerability Insight > The ‘arcfour‘ cipher is the Arcfour stream cipher with 128-bit keys. The Arcfour cipher is believed to be > compatible with the RC4 cipher {[}SCHNEIER{]}. Arcfour (and RC4) has problems with weak keys, and > should not be used anymore. Currently this is not yet reflected on the customer portal: https://access.redhat.com/solutions/420283 But I don't know where I would let them know... So I came here ;) Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:2029 |