4405271e69
This patch is a follow-on docs patch for the sshd configuration work. Implements: blueprint security-rhel7-stig Change-Id: Ie140302bd0a20282f2f08a1296e04217e52da114
442 B
442 B
---id: RHEL-07-040490 status: implemented tag: sshd ---
The Protocol configuration is set to 2 in
/etc/ssh/sshd_config and sshd is restarted.
Deployers can opt out of this change by setting the following Ansible variable:
security_sshd_protocol: 2Warning
There is no reason to enable any other protocol than SSHv2. SSHv1 has multiple vulnerabilities, and it is no longer widely used.