diff --git a/bin/hardening/9.3.11_sshd_ciphers.sh b/bin/hardening/9.3.11_sshd_ciphers.sh index c521cc0..e528b35 100755 --- a/bin/hardening/9.3.11_sshd_ciphers.sh +++ b/bin/hardening/9.3.11_sshd_ciphers.sh @@ -14,7 +14,7 @@ set -u # One variable unset, it's over HARDENING_LEVEL=2 PACKAGE='openssh-server' -OPTIONS='Ciphers=aes128-ctr,aes192-ctr,aes256-ctr' +OPTIONS='Ciphers=chacha20-poly1305@openssh\.com,aes256-gcm@openssh\.com,aes128-gcm@openssh\.com,aes256-ctr,aes192-ctr,aes128-ctr' FILE='/etc/ssh/sshd_config' # This function will be called if the script status is on enabled / audit mode