Rocket Software Homepage
Forum Home Forum Home > AccuTerm Knowledge Base (read only) > Connectivity
  New Posts New Posts RSS Feed - Linux v7 SSH issue
  FAQ FAQ  Forum Search   Register Register  Login Login

The AccuTerm forum has moved. Go to community.rocketsoftware.com to register for the new Rocket forum.

Forum LockedLinux v7 SSH issue

 Post Reply Post Reply
Author
Message Reverse Sort Order
TonyG View Drop Down
Beta Tester
Beta Tester


Joined: February 04 2004
Location: United States
Status: Offline
Points: 127
Post Options Post Options   Thanks (0) Thanks(0)   Quote TonyG Quote  Post ReplyReply Direct Link To This Post Topic: Linux v7 SSH issue
    Posted: May 07 2019 at 2:00pm
Yeah, we're on the same page. I went through a similar effort recently, as discussed in another thread here. The latest AccuTerm does include the latest algorithms, which I've verified as functional, and I believe older insecure ones have been deprecated or removed.
You're in a good place. Good luck!!
Tony Gravagno Nebula Research & Development
TG@ Nebula-RnD . com
http://Nebula-RnD.com/blog
http://Twitter.com/TonyGravagno
http://groups.google.com/group/mvdbms
https://www.linkedin.com/groups/64935
Back to Top
JTeter View Drop Down
Newbie
Newbie


Joined: July 14 2009
Location: United States
Status: Offline
Points: 13
Post Options Post Options   Thanks (0) Thanks(0)   Quote JTeter Quote  Post ReplyReply Direct Link To This Post Posted: May 07 2019 at 1:51pm
Tony,

Here's our current version info:
Operating System: Red Hat Enterprise Linux
     CPE OS Name: cpe:/o:redhat:enterprise_linux:7.6:GA:server

Our NetOps folks are doing things to 'harden' our servers and this particular item has popped up. Looks like there is a fix available.

Back to Top
wwf_admin View Drop Down
Admin Group
Admin Group


Joined: October 01 2003
Location: United States
Status: Offline
Points: 22
Post Options Post Options   Thanks (0) Thanks(0)   Quote wwf_admin Quote  Post ReplyReply Direct Link To This Post Posted: May 06 2019 at 6:17pm
Hi Jeff -

We have a 7.4 release available which includes the newer MAC algorithms, but it is not the default download on the web site, because it requires a new 3-part license key, and AccuTerm Maintenance. Users who inadvertently downloaded this release were unable to use their old 2-part license keys leading to frustration, so 7.4 is an optional upgrade specifically for those needing updated encryption. Please contact Jill to confirm your license key and she can get you the 7.4 download link (jillo at zumasys dot com).
Thanks, Pete
Back to Top
TonyG View Drop Down
Beta Tester
Beta Tester


Joined: February 04 2004
Location: United States
Status: Offline
Points: 127
Post Options Post Options   Thanks (0) Thanks(0)   Quote TonyG Quote  Post ReplyReply Direct Link To This Post Posted: May 03 2019 at 3:19pm
To be clear, which "v7" are you using, and which "Linux" distro and version?

I've been using v7.4a against the latest Linux Ubuntu and CentOS with no issues.
Tony Gravagno Nebula Research & Development
TG@ Nebula-RnD . com
http://Nebula-RnD.com/blog
http://Twitter.com/TonyGravagno
http://groups.google.com/group/mvdbms
https://www.linkedin.com/groups/64935
Back to Top
JTeter View Drop Down
Newbie
Newbie


Joined: July 14 2009
Location: United States
Status: Offline
Points: 13
Post Options Post Options   Thanks (0) Thanks(0)   Quote JTeter Quote  Post ReplyReply Direct Link To This Post Posted: May 03 2019 at 2:57pm
We are installing new Linux boxes with version 7 and as a part of hardening the boxes, we have lost connectivity through AccuTerm. It's been identified as the following line in the 'sshd_config' file: 

# Supported MACs | CIS 5.2.11
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

Apparently, AccuTerm is not yet able to handle the encryption schemes for these items. We have done a temporary fix by commenting out the "MACS" line but need to get the permanent fix in before we can use these hardened servers with AccuTerm in production.

Any timeline for delivering the SSH update that's been mentioned in previous posts?

Thanks!

Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.03
Copyright ©2001-2019 Web Wiz Ltd.