From 37d3ef4538e7540048704f933d502d75287b15b9 Mon Sep 17 00:00:00 2001
From: zhengxiaoxiao <zhengxiaoxiao2@huawei.com>
Date: Mon, 27 Jun 2022 12:44:00 +0000
Subject: [PATCH] remove sha1 in sshd config

---
 security.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/security.conf b/security.conf
index 30b9f54..65b9f67 100644
--- a/security.conf
+++ b/security.conf
@@ -97,6 +97,10 @@
 #CVE-2015-4000
 121@m@/etc/ssh/sshd_config@KexAlgorithms@ curve25519-sha256,curve25519-sha256@@libssh.org,diffie-hellman-group-exchange-sha256
 
+122@m@/etc/ssh/sshd_config@HostbasedAcceptedKeytypes@ ssh-ed25519,ssh-ed25519-cert-v01@@openssh.com,rsa-sha2-256,rsa-sha2-512
+122@m@/etc/ssh/sshd_config@GSSAPIKexAlgorithms@ gss-group14-sha256-,gss-group16-sha512-,gss-curve25519-sha256-
+122@m@/etc/ssh/sshd_config@CASignatureAlgorithms@ ssh-ed25519,sk-ssh-ed25519@@openssh.com,rsa-sha2-512,rsa-sha2-256
+
 130@systemctl@sshd.service@restart
 
 ########################################################################
-- 
Gitee