sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity
RHEL9-CIS/templates/etc/crypto-policies/policies/modules/NO-SSHWEAKCIPHERS.pmod.j2
Frederick Witty dd909b48c8
Fix for #320 thank you @kodebach 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
2025-04-25 11:47:17 -04:00

4 lines
319 B
Django/Jinja
Raw Blame History

# This is a subpolicy to disable weak ciphers
# for the SSH protocol (libssh and OpenSSH)
# Carried out as part of CIS Benchmark rules combined 1.6.6 and 5.1.4
cipher@SSH ={% if rhel9cis_rule_1_6_6 %} -CHACHA20-POLY1305{% endif %}{% if rhel9cis_rule_5_1_4 %} -3DES-CBC -AES-128-CBC -AES-192-CBC -AES-256-CBC{% endif %}
View git blame Copy permalink