In this guide we shall discuss “how to disable RC4 Cipher Algorithms support in SSH Server”. RC4 is a stream cipher and it is remarkable for its simplicity and speed in software. multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Please see Azure Application Gateway: Practical Configuration Guide, and Azure Arc for SQL Server PAYG: Installation, Connectivity Requirements and Operational Best Practices.
By default, both SSH and Apache allow RC4, however RC4 can no longer be seen as providing a sufficient level of security for SSH sessions. It has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks.
Also, see Azure Managing Subscriptions with PowerShell: From Login-AzAccount to Resource Control and Private Endpoint Verification for Azure File Share”, and how to Assign a Public IP to Azure Virtual Machine (VM).
How to disable RC4 Cipher Algorithms
Furthermore, To disable RC4 Cipher is very easy and can be done in few steps. The RC4 ciphers are the ciphers known as arcfour in SSH.
However, You can disallow the use of these ciphers by modifying the configuration, as seen below.
- Log in to the server with the root account via SSH
- Edit the /etc/ssh/sshd_config file and add the following line:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc
Restart the sshd service to make the changes take effect:
service sshd restart
I hope you found this blog post on how to disable RC4 Cipher Algorithms helpful. Please let me know in the comment session if you have any questions.
