|
| The AccuTerm forum has moved. Go to community.rocketsoftware.com to register for the new Rocket forum. |
|
Post Reply 
|
| Author | |
JTeter 
Newbie 
Joined: July 14 2009 Location: United States Status: Offline Points: 13 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Linux v7 SSH issuePosted: May 03 2019 at 2:57pm |
|
We are installing new Linux boxes with version 7 and as a part of hardening the boxes, we have lost connectivity through AccuTerm. It's been identified as the following line in the 'sshd_config' file:
# Supported MACs | CIS 5.2.11 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com Apparently, AccuTerm is not yet able to handle the encryption schemes for these items. We have done a temporary fix by commenting out the "MACS" line but need to get the permanent fix in before we can use these hardened servers with AccuTerm in production. Any timeline for delivering the SSH update that's been mentioned in previous posts? Thanks! |
|
 |
|
|
TonyG
Beta Tester 
Joined: February 04 2004 Location: United States Status: Offline Points: 127 |
Post Options
Thanks(0)
Quote Reply
Posted: May 03 2019 at 3:19pm |
|
To be clear, which "v7" are you using, and which "Linux" distro and version?
I've been using v7.4a against the latest Linux Ubuntu and CentOS with no issues. |
|
|
Tony Gravagno Nebula Research & Development
TG@ Nebula-RnD . com http://Nebula-RnD.com/blog http://Twitter.com/TonyGravagno http://groups.google.com/group/mvdbms https://www.linkedin.com/groups/64935 |
|
|
|
|
wwf_admin
Admin Group 
Joined: October 01 2003 Location: United States Status: Offline Points: 22 |
Post Options
Thanks(0)
Quote Reply
Posted: May 06 2019 at 6:17pm |
|
Hi Jeff -
We have a 7.4 release available which includes the newer MAC algorithms, but it is not the default download on the web site, because it requires a new 3-part license key, and AccuTerm Maintenance. Users who inadvertently downloaded this release were unable to use their old 2-part license keys leading to frustration, so 7.4 is an optional upgrade specifically for those needing updated encryption. Please contact Jill to confirm your license key and she can get you the 7.4 download link (jillo at zumasys dot com). Thanks, Pete |
|
|
|
|
JTeter
Newbie
Joined: July 14 2009 Location: United States Status: Offline Points: 13 |
Post Options
Thanks(0)
Quote Reply
Posted: May 07 2019 at 1:51pm |
|
Tony,
Here's our current version info: Operating System: Red Hat Enterprise Linux CPE OS Name: cpe:/o:redhat:enterprise_linux:7.6:GA:server Our NetOps folks are doing things to 'harden' our servers and this particular item has popped up. Looks like there is a fix available. |
|
|
|
|
TonyG
Beta Tester
Joined: February 04 2004 Location: United States Status: Offline Points: 127 |
Post Options
Thanks(0)
Quote Reply
Posted: May 07 2019 at 2:00pm |
|
Yeah, we're on the same page. I went through a similar effort recently, as discussed in another thread here. The latest AccuTerm does include the latest algorithms, which I've verified as functional, and I believe older insecure ones have been deprecated or removed.
You're in a good place. Good luck!! |
|
|
Tony Gravagno Nebula Research & Development
TG@ Nebula-RnD . com http://Nebula-RnD.com/blog http://Twitter.com/TonyGravagno http://groups.google.com/group/mvdbms https://www.linkedin.com/groups/64935 |
|
|
|
|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
Linux v7 SSH issue
Topic Options