From a3d4e1deaf14b61eb23a5d9751b79d6272151e83 Mon Sep 17 00:00:00 2001
From: gys <a869920004@163.com>
Date: Sat, 10 Oct 2020 16:53:18 +0800
Subject: [PATCH] =?UTF-8?q?update=20docs/zh/docs/20.09/docs/SecHarden/?=
 =?UTF-8?q?=E7=B3=BB=E7=BB=9F=E6=9C=8D=E5=8A=A1.md.=20=E4=BF=AE=E6=94=B9?=
 =?UTF-8?q?=E5=AE=89=E5=85=A8=E5=8A=A0=E5=9B=BA=E9=85=8D=E7=BD=AE=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E3=80=82=20sshd=5Fconfig=E9=BB=98=E8=AE=A4=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E4=B8=AD=E4=BD=BF=E7=94=A8=E5=AE=89=E5=85=A8=E7=9A=84?=
 =?UTF-8?q?=20MACs=20and=20KexAlgorithms=E3=80=82=20=E9=BB=98=E8=AE=A4?=
 =?UTF-8?q?=E4=B8=8D=E5=86=8D=E6=94=AF=E6=8C=81hmac-sha1,hmac-sha1-etm@ope?=
 =?UTF-8?q?nssh.com=EF=BC=8Cdiffie-hellman-group14-sha1,diffie-hellman-gro?=
 =?UTF-8?q?up-exchange-sha1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

影响范围：
如果ssh客户端在配置文件中SSH数据校验的哈希算法仅设置如下配置将导致无法进行数据校验
MACs hmac-sha1,hmac-sha1-etm@openssh.com
如果ssh客户端在配置文件中密钥交换算法中仅设置了如下配置将导致无法连接ssh服务端
KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
---
 .../\347\263\273\347\273\237\346\234\215\345\212\241.md"    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git "a/docs/zh/docs/20.09/docs/SecHarden/\347\263\273\347\273\237\346\234\215\345\212\241.md" "b/docs/zh/docs/20.09/docs/SecHarden/\347\263\273\347\273\237\346\234\215\345\212\241.md"
index e6f917881..13049d470 100644
--- "a/docs/zh/docs/20.09/docs/SecHarden/\347\263\273\347\273\237\346\234\215\345\212\241.md"
+++ "b/docs/zh/docs/20.09/docs/SecHarden/\347\263\273\347\273\237\346\234\215\345\212\241.md"
@@ -206,7 +206,7 @@ SSH（Secure Shell）是目前较可靠，专为远程登录会话和其他网
     </td>
     <td class="cellrowborder" valign="top" width="45.34%" headers="mcps1.2.5.1.2 "><p id="p19145217162616"><a name="p19145217162616"></a><a name="p19145217162616"></a>设置SSH数据校验的哈希算法</p>
     </td>
-    <td class="cellrowborder" valign="top" width="13.01%" headers="mcps1.2.5.1.3 "><p id="zh-cn_topic_0152100390_ab749b83348bd4b078841e5f2c959c1ce"><a name="zh-cn_topic_0152100390_ab749b83348bd4b078841e5f2c959c1ce"></a><a name="zh-cn_topic_0152100390_ab749b83348bd4b078841e5f2c959c1ce"></a>hmac-sha2-512,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha1,hmac-sha1-etm@openssh.com</p>
+    <td class="cellrowborder" valign="top" width="13.01%" headers="mcps1.2.5.1.3 "><p id="zh-cn_topic_0152100390_ab749b83348bd4b078841e5f2c959c1ce"><a name="zh-cn_topic_0152100390_ab749b83348bd4b078841e5f2c959c1ce"></a><a name="zh-cn_topic_0152100390_ab749b83348bd4b078841e5f2c959c1ce"></a>hmac-sha2-512,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@openssh.com</p>
     </td>
     <td class="cellrowborder" valign="top" width="25.09%" headers="mcps1.2.5.1.4 "><p id="p18860142412259"><a name="p18860142412259"></a><a name="p18860142412259"></a>是</p>
     </td>
@@ -278,7 +278,7 @@ SSH（Secure Shell）是目前较可靠，专为远程登录会话和其他网
     </td>
     <td class="cellrowborder" valign="top" width="45.34%" headers="mcps1.2.5.1.2 "><p id="p1914641722613"><a name="p1914641722613"></a><a name="p1914641722613"></a>设置SSH密钥交换算法</p>
     </td>
-    <td class="cellrowborder" valign="top" width="13.01%" headers="mcps1.2.5.1.3 "><p id="p209516241518"><a name="p209516241518"></a><a name="p209516241518"></a>curve25519-sha256,curve25519-sha256@@libssh.org,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256</p>
+    <td class="cellrowborder" valign="top" width="13.01%" headers="mcps1.2.5.1.3 "><p id="p209516241518"><a name="p209516241518"></a><a name="p209516241518"></a>curve25519-sha256,curve25519-sha256@@libssh.org,diffie-hellman-group-exchange-sha256</p>
     </td>
     <td class="cellrowborder" valign="top" width="25.09%" headers="mcps1.2.5.1.4 ">&nbsp;&nbsp;</td>
     </tr>
@@ -319,7 +319,7 @@ SSH（Secure Shell）是目前较可靠，专为远程登录会话和其他网
     </td>
     <td class="cellrowborder" valign="top" width="9.569999999999999%" headers="mcps1.2.5.1.2 "><p id="p6200165334714"><a name="p6200165334714"></a><a name="p6200165334714"></a>设置SSH密钥交换算法</p>
     </td>
-    <td class="cellrowborder" valign="top" width="54.510000000000005%" headers="mcps1.2.5.1.3 "><p id="zh-cn_topic_0152100390_a2afb24fc01c44ad9923f003fd9c2200a"><a name="zh-cn_topic_0152100390_a2afb24fc01c44ad9923f003fd9c2200a"></a><a name="zh-cn_topic_0152100390_a2afb24fc01c44ad9923f003fd9c2200a"></a>ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1</p>
+    <td class="cellrowborder" valign="top" width="54.510000000000005%" headers="mcps1.2.5.1.3 "><p id="zh-cn_topic_0152100390_a2afb24fc01c44ad9923f003fd9c2200a"><a name="zh-cn_topic_0152100390_a2afb24fc01c44ad9923f003fd9c2200a"></a><a name="zh-cn_topic_0152100390_a2afb24fc01c44ad9923f003fd9c2200a"></a>ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256</p>
     </td>
     <td class="cellrowborder" valign="top" width="8.85%" headers="mcps1.2.5.1.4 "><p id="p10810111614714"><a name="p10810111614714"></a><a name="p10810111614714"></a>否</p>
     </td>
-- 
Gitee