Community discussions

MikroTik App
 
MGooden
just joined
Topic Author
Posts: 1
Joined: Tue Jul 12, 2016 3:53 pm
Location: South Africa

Supported SSH MACs

Tue Jul 12, 2016 4:09 pm

EDIT: Enabling strong-crypto for ssh sets these, I managed to miss this in my testing! Leaving this here for people arriving by Google.

I discovered today that I could not SSH to any of my routers as a result of our new corporate security policy.

The only MACs (Message Authentication Code, for other readers) that appear to be currently supported by the RouterOS SSH server are: `hmac-sha1,hmac-md5`
Our corporate policy only allows stronger MACs such as `hmac-sha2-256` or `hmac-sha2-512`. (Ideally we would like to be able to disable the other MACs, specifically `hmac-md5`, but that is not crucial here)

Would it be possible to enable support for these MACs in a future RouterOS release?

Thanks!
Last edited by MGooden on Tue Jul 12, 2016 5:38 pm, edited 1 time in total.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Supported SSH MACs

Tue Jul 12, 2016 5:19 pm

You can enable strong-crypto

http://wiki.mikrotik.com/wiki/Manual:IP/SSH

Who is online

Users browsing this forum: Bing [Bot], CedrikAlton, dido1236, Google [Bot], xristostsilis, xrlls and 82 guests