{"id":11195,"date":"2021-09-28T14:49:56","date_gmt":"2021-09-28T06:49:56","guid":{"rendered":"https:\/\/ailog.tw\/lifelog\/?p=11195"},"modified":"2021-09-28T15:10:34","modified_gmt":"2021-09-28T07:10:34","slug":"ssh-server-cbc","status":"publish","type":"post","link":"https:\/\/ailog.tw\/lifelog\/2021\/09\/28\/ssh-server-cbc\/","title":{"rendered":"SSH\u670d\u52d9\u88ab\u5f31\u9ede\u6383\u63cf\u6aa2\u6e2c\u51fa\u300cSSH Server CBC Mode Ciphers Enabled\u300d\u5982\u4f55\u6539\u5584"},"content":{"rendered":"<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">\u76f8\u4fe1\u8d8a\u4f86\u8d8a\u591a\u55ae\u4f4d\u88ab\u8981\u6c42\u9032\u884c\u5f31\u9ede\u6383\u63cf\uff0c\u800c\u5728Linux\u4e3b\u6a5f\u4e0a\u5e38\u898b\u7684SSH\u5f31\u9ede\u662f\u300cSSH Server CBC Mode Ciphers Enabled\u300d\uff0c\u5c0f\u7de8\u4eca\u5929\u5c31\u4f86\u5206\u4eab\u4e00\u4e0b\u5982\u4f55\u6392\u9664\u9019\u500b\u5f31\u9ede\u3002<!--more--><\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">\u5f31\u9ede\u6383\u63cf\u5f71\u97ff\u8aaa\u660e\uff1a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\"><a href=\"https:\/\/www.tenable.com\/plugins\/nessus\/70658\">https:\/\/www.tenable.com\/plugins\/nessus\/70658<\/a><\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">[\u7bc4\u4f8b\u60c5\u5883]<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">01\u3001\u4f5c\u696d\u7cfb\u7d71\u70baFreeBSD 12.2-RELEASE-p7<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">02\u3001SSH\u7248\u672c\u70baOpenSSH_7.9p1<\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">[\u64cd\u4f5c\u6b65\u9a5f]<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">01\u3001\u6aa2\u6e2cSSH Server\u76ee\u524d\u7684\u8a2d\u5b9a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">\u6307\u4ee4\u8a9e\u6cd5\uff1a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">sshd -T |grep ciphers<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-11198 size-full\" src=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-01.png\" alt=\"\" width=\"683\" height=\"93\" srcset=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-01.png 683w, https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-01-300x41.png 300w\" sizes=\"auto, (max-width: 683px) 100vw, 683px\" \/><\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">02\u3001\u8b8a\u66f4\u8a2d\u5b9a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">(1)\u3001\u7de8\u8f2f\u8a2d\u5b9a\u6a94<br \/>\n\u6307\u4ee4\u8a9e\u6cd5\uff1a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">vi \/etc\/ssh\/sshd_config<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-11199 size-full\" src=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-02.png\" alt=\"\" width=\"407\" height=\"72\" srcset=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-02.png 407w, https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-02-300x53.png 300w\" sizes=\"auto, (max-width: 407px) 100vw, 407px\" \/><\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">(2)\u3001\u4fee\u6539\u8a2d\u5b9a\u53c3\u6578<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">\u65b0\u589e\u4e0b\u5217\u8a2d\u5b9a\u503c<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">Ciphers aes128-ctr,aes192-ctr,aes256-ctr<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-11200 size-full\" src=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-03.png\" alt=\"\" width=\"431\" height=\"181\" srcset=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-03.png 431w, https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-03-300x126.png 300w\" sizes=\"auto, (max-width: 431px) 100vw, 431px\" \/><\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">03\u3001\u91cd\u65b0\u555f\u52d5SSH\u670d\u52d9<br \/>\n\u6307\u4ee4\u8a9e\u6cd5\uff1a<br \/>\n\/etc\/rc.d\/sshd restart<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-11201 size-full\" src=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-04.png\" alt=\"\" width=\"468\" height=\"152\" srcset=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-04.png 468w, https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-04-300x97.png 300w\" sizes=\"auto, (max-width: 468px) 100vw, 468px\" \/><\/span><\/p>\n<p><span style=\"font-size: 14pt; font-family: verdana, geneva;\">04\u3001\u91cd\u65b0\u6aa2\u6e2cSSH Server\u8a2d\u5b9a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">\u6307\u4ee4\u8a9e\u6cd5\uff1a<\/span><br \/>\n<span style=\"font-size: 14pt; font-family: verdana, geneva;\">sshd -T |grep ciphers<br \/>\n<\/span><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-11205 size-full\" src=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-05.png\" alt=\"\" width=\"409\" height=\"87\" srcset=\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-05.png 409w, https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2021\/09\/ssh-server-cbc-05-300x64.png 300w\" sizes=\"auto, (max-width: 409px) 100vw, 409px\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u76f8\u4fe1\u8d8a\u4f86\u8d8a\u591a\u55ae\u4f4d\u88ab\u8981\u6c42\u9032\u884c\u5f31\u9ede\u6383\u63cf\uff0c\u800c\u5728Linux\u4e3b\u6a5f\u4e0a\u5e38\u898b\u7684SSH\u5f31\u9ede\u662f\u300cSSH Server CBC Mo &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/ailog.tw\/lifelog\/2021\/09\/28\/ssh-server-cbc\/\" class=\"more-link\">\u95b1\u8b80\u5168\u6587<span class=\"screen-reader-text\">\u3008SSH\u670d\u52d9\u88ab\u5f31\u9ede\u6383\u63cf\u6aa2\u6e2c\u51fa\u300cSSH Server CBC Mode Ciphers Enabled\u300d\u5982\u4f55\u6539\u5584\u3009<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":11202,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,380,379],"tags":[145,121,4830,39,4829],"class_list":["post-11195","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-itinfo","category-freebsd","category-linux","tag-freebsd","tag-linux","tag-nessus-plugin-id-70658","tag-ssh","tag-ssh-server-cbc-mode-ciphers-enabled"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts\/11195","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/comments?post=11195"}],"version-history":[{"count":5,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts\/11195\/revisions"}],"predecessor-version":[{"id":11206,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts\/11195\/revisions\/11206"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/media\/11202"}],"wp:attachment":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/media?parent=11195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/categories?post=11195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/tags?post=11195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}