Eliminating Security Vulnerabilities at PORT 22

Issue : Vulnerability Assessment and Penetration Testing (VAPT) reported security findings on port 22 (SSH).

The vulnerabilities are listed below :

1. SSH Weak Algorithms Supported.
2. SSH Server CBC Mode Ciphers Enabled.
3. SSH Weak MAC Algorithms Enabled.
4. SSH Server CBC Mode Ciphers Enabled.

Solution : To address the vulnerabilities, log in as root and follow the steps below.

Step 1 : Go to the directory /etc/ssh.

Step 2 : Edit the sshd_config file as follows.

Remove the weak ciphers arcfour256 and arcfour128, then save the file.

Step 3 : Re-scan the port for vulnerabilities and you will find that the findings are now eliminated.
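
A quick local check to run before the re-scan, added here as an example (it is not part of the original post): the function lists any weak entries still present on the Ciphers and MACs lines of an sshd_config-style file. It goes beyond the arcfour removal above by also flagging the CBC ciphers from the findings list, plus MD5-based and 96-bit MACs, which is an assumption about what the scanner means by "weak MAC"; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: report weak algorithms left in an sshd_config-style file.
# Weak ciphers: arcfour* and *-cbc (taken from the findings listed above).
# Weak MACs: MD5-based and 96-bit (assumption about the scanner criteria).

weak_ssh_algos() {
    # $1 = path to sshd_config, or to saved output of "sshd -T"
    awk '
        { sub(/#.*/, "") }                      # drop comments
        tolower($1) == "ciphers" || tolower($1) == "macs" {
            kind = tolower($1)
            list = $2
            if (list ~ /^-/) next               # "-alg" removes algorithms, skip
            sub(/^[+^]/, "", list)              # "+alg" / "^alg" add to defaults
            n = split(list, a, ",")
            for (i = 1; i <= n; i++) {
                alg = a[i]
                if (kind == "ciphers" && (alg ~ /^arcfour/ || alg ~ /-cbc/))
                    print "cipher " alg
                if (kind == "macs" && (alg ~ /md5/ || alg ~ /-96/))
                    print "mac " alg
            }
        }
    ' "$1"
}

sample_config() {
    # Constructed sample, not taken from the original page.
    cat <<'EOF'
# constructed sshd_config fragment
Port 22
Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc
MACs hmac-sha2-256,hmac-md5,hmac-sha1-96
EOF
}

# Demo run against the constructed sample.
tmp=$(mktemp)
sample_config > "$tmp"
weak_ssh_algos "$tmp"
rm -f "$tmp"
```

On the server itself, point the function at /etc/ssh/sshd_config; an empty result means none of the patterns above remain on those two lines.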

Cheers..!