It is possible to disable certain ciphers used for SSH connection, for example CBC ciphers and have this changes saved upon a device reboot.
This is achieved by editing a filed called "rc.user
" in bash (requires root
The following example will show the steps to disable CBC ciphers.
cat rc.user | grep -v | "exit 0" >> rc.temp
cat << EOF >> rc.temp
cat << EO2F>> /etc/ssh/sshd_config
cp rc.temp rc.user
Note: a reboot is required for the changes to take effect.
Jan 10, 2020