| ▲ | lousken a day ago | |||||||||||||
That sucks, that means they will still appear in audits, they should remove them from the default. | ||||||||||||||
| ▲ | a day ago | parent | next [-] | |||||||||||||
| [deleted] | ||||||||||||||
| ▲ | PunchyHamster a day ago | parent | prev [-] | |||||||||||||
OpenSSH thankfully cares little for corporate security theathre But I can sympathise, our stuff got flagged in audit because we foolishly assumed that some requirement was checked by just having OpenSSH "new enough",but it turned out that RedHat for that RHEL version patched back some old considered insecure primitives to keep their customers happy... | ||||||||||||||
| ||||||||||||||