Hello,
I have added some lines to the /etc/ssh/sshd_config file to fix two low level vilnerabilities reported by Nessus as:
- SSH Weak Key Exchange Algorithms Enabled
- SSH Server CBC Mode Ciphers Enabled
The lines I added were:
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-ni,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160
After restarting the SSH server, it was observed that Jenkins master was unable to communicate with the agent servers.
Is there any specific reason and what are the recommended workarounds? Please advise.
Regards,
Indunil12