/etc/ssh/sshd_config 的更改不起作用

/etc/ssh/sshd_config 的更改不起作用

我正在尝试禁用 SHA1...我更改了 /etc/ssh/sshd_config 以反映这一点:

# Ciphers and keying
#RekeyLimit default none
Ciphers [email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
MACs [email protected],[email protected],hmac-sha2-512,hmac-sha2-256
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256

然而,重新启动服务器或运行后systemctl restart sshd,我得到了这个:

sshd -T | grep kex
gssapikexalgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-
kexalgorithms curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1

我究竟做错了什么?

答案1

解决方案是运行:

update-crypto-policies --set FUTURE

并重启服务器。谢谢,布赖恩

相关内容