RHEL - Why does SSH connection select aes128-ctr cipher over aes256-ctr by default?
Issue
- SSH connections by default appear to be using
aes128-ctr
whenaes256-ctr
is more secure. -
RHEL 8 default order of ciphers in
/etc/ssh/ssh_config
file.# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
-
RHEL 7 default order of ciphers in
/etc/ssh/ssh_config
file.# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
Environment
- Red Hat Enterprise Linux (RHEL) 8
- Red Hat Enterprise Linux (RHEL) 7
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.