Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Linux (RHEL/CentOS/AlmaLinux).

  1. Edit /etc/ssh/sshd_config and restrict the Ciphers directive:

    Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com

  2. Restart the SSH service:

    sudo systemctl restart sshd
Back to top