Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| hardening_enterprise_filefabric [2019_01_23 11:50] – kamran | hardening_enterprise_filefabric [2019_01_23 14:19] – kamran | ||
|---|---|---|---|
| Line 44: | Line 44: | ||
| </ | </ | ||
| - | ===== SSH Settings ===== | + | ===== SSH Settings |
| This is only required for EFF instances that were initially deployed as > 1901, that are configured with a low security cipher. Please make the following changes. | This is only required for EFF instances that were initially deployed as > 1901, that are configured with a low security cipher. Please make the following changes. | ||
| + | As the root user edit the following file with the vi or nano editors: | ||
| + | < | ||
| + | vi / | ||
| + | </ | ||
| - | <TODO ADD instructions> | + | Find and replace the following line: |
| + | <code> | ||
| + | Ciphers aes128-ctr, | ||
| + | </ | ||
| + | |||
| + | with these 3 lines | ||
| + | |||
| + | < | ||
| + | KexAlgorithms curve25519-sha256@libssh.org, | ||
| + | |||
| + | Ciphers chacha20-poly1305@openssh.com, | ||
| + | |||
| + | MACs hmac-sha2-512-etm@openssh.com, | ||
| + | </ | ||
| + | |||
| + | After saving the file restart sshd service | ||
| + | |||
| + | < | ||
| + | systemctl restart sshd | ||
| + | </code> | ||
| ===== Disable CloudFTP ===== | ===== Disable CloudFTP ===== | ||
| Line 62: | Line 85: | ||
| </ | </ | ||
| - | ===== Remove Apache HTTPD server Configuration ===== | + | ===== Remove Apache HTTPD server Configuration |
| The icons directory is listed , this is not a security risk but some scanning tools can mark it as security risk. | The icons directory is listed , this is not a security risk but some scanning tools can mark it as security risk. | ||