
How to disable weak SSH cipher and MAC algorithms in Ubuntu 14.04 (or any other GNU/Linux distro)

If you still run Ubuntu 14.04 LTS (or any other old distro) in a production environment, the SSH service is most likely accepting weak cipher and MAC algorithms. At present, the cipher algorithms considered to be weak are: CBC (3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, blowfish-cbc, cast128-cbc, and rijndael-cbc@lysator.liu.se) [1] [2] and RC4 (arcfour, arcfour128, and arcfour256) [3]. The MAC algorithms considered to be weak are: MD5 (hmac-md5, hmac-md5-96, hmac-md5-96-etm@openssh.com, and hmac-md5-etm@openssh.com) and 96-bit algorithms (hmac-sha1-96 and hmac-sha1-96-etm@openssh.com).

Now, how is it possible to know if these algorithms are being used by the SSH service in any given GNU/Linux system? Simply by executing the following command within the system we want to verify (assuming the SSH service is listening on port TCP/22):
 # ssh -vvv localhost -p 22
The previous command should show an output similar to this one:
Here, all the algorithms supported by the SSH service can be seen (highlighted in blue in the image above). In this example, the service is using the default configuration in Ubuntu 14.04 LTS which allows the use of vulnerable algorithms previously mentioned (highlighted in red).

To remedy this, the following must be done:

1) Edit the file /etc/ssh/sshd_config and add the following two lines at the end of it:
 Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
 MACs hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com

2) Restart the SSH service to apply the changes. On Ubuntu the service is named ssh; on distros where it is named sshd, use that name instead.
 # service ssh restart

Once this is done, the SSH service will stop accepting weak cipher and MAC algorithms, which improves the security of the service. In later Ubuntu LTS versions (such as 16.04 or 18.04) this modification is not necessary. Nevertheless, the steps detailed here can also be used to verify the configuration of the SSH service and to perform the aforementioned modifications in any GNU/Linux distro.
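The verification step can also be scripted. The following is an added example, not part of the original post: a shell function (the name audit_sshd_algos is hypothetical) that reads the effective settings printed by `sshd -T`, or Ciphers/MACs lines from sshd_config, and reports every algorithm from the weak lists above that is still enabled. The sample inputs are constructed.

```shell
#!/bin/sh
# Weak algorithm names, exactly as listed in the article above.
WEAK_CIPHERS="3des-cbc aes128-cbc aes192-cbc aes256-cbc blowfish-cbc cast128-cbc rijndael-cbc@lysator.liu.se arcfour arcfour128 arcfour256"
WEAK_MACS="hmac-md5 hmac-md5-96 hmac-md5-96-etm@openssh.com hmac-md5-etm@openssh.com hmac-sha1-96 hmac-sha1-96-etm@openssh.com"

# audit_sshd_algos (hypothetical helper): reads "keyword value" lines on stdin,
# as printed by `sshd -T` or written in sshd_config, and prints one
# "cipher <name>" or "mac <name>" line per weak algorithm still enabled.
# Returns 1 if any weak algorithm was found, 0 otherwise.
audit_sshd_algos() {
    found=0
    while read -r key value || [ -n "$key" ]; do
        # Keywords are case-insensitive; `sshd -T` prints them in lower case.
        case "$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]')" in
            ciphers) kind=cipher; weak=$WEAK_CIPHERS ;;
            macs)    kind=mac;    weak=$WEAK_MACS ;;
            *)       continue ;;
        esac
        # Split the comma-separated list and compare every name exactly,
        # so "hmac-sha1" is not mistaken for "hmac-sha1-96".
        for algo in $(printf '%s' "$value" | tr ',' ' '); do
            for w in $weak; do
                if [ "$algo" = "$w" ]; then
                    echo "$kind $algo"
                    found=1
                fi
            done
        done
    done
    return "$found"
}

# Constructed sample in `sshd -T` format: a server still offering weak algorithms.
sample_weak() {
    printf '%s\n' 'port 22' \
        'ciphers aes128-ctr,aes256-ctr,aes128-cbc,3des-cbc,arcfour' \
        'macs hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96'
}

# The two lines from step 1 of the article, in sshd_config format.
sample_hardened() {
    printf '%s\n' \
        'Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com' \
        'MACs hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com'
}

# Demo on the constructed sample; on a real host run as root: sshd -T | audit_sshd_algos
sample_weak | audit_sshd_algos || echo "weak algorithms still enabled" >&2
```

Running `sshd -T` after editing the file also confirms that sshd parses the new Ciphers and MACs lines before the service is restarted.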


References:
[1] https://www.kb.cert.org/vuls/id/958563/
[2] https://tools.ietf.org/html/rfc4344
[3] https://tools.ietf.org/html/rfc7465