Disable CBC Ciphers for SSH on Digi CM

It is possible to disable certain ciphers used for SSH connection, for example CBC ciphers and have this changes saved upon a device reboot.

This is achieved by editing a filed called "rc.user" in bash (requires root access)

The following example will show the steps to disable CBC ciphers.

cd /usr2
cat rc.user | grep -v | "exit 0" >> rc.temp
cat << EOF >> rc.temp
cat << EO2F>> /etc/ssh/sshd_config
Ciphers aes256-ctr,aes192-ctr,aes128ctr,arcfour
exit 0
cp rc.temp rc.user​

NOTE: A reboot is required for the changes to take effect.
Last updated: Jan 14, 2020

Filed Under


Recently Viewed

No recently viewed articles

Did you find this article helpful?