diff --git a/remove-hmac-ripemd160.patch b/remove-hmac-ripemd160.patch
new file mode 100644
index 0000000000000000000000000000000000000000..49e1acd8d91130684509b5aedfdbd9bf92f312b6
--- /dev/null
+++ b/remove-hmac-ripemd160.patch
@@ -0,0 +1,55 @@
+From 06955b69851882145cbe3b11fd36f23522570c48 Mon Sep 17 00:00:00 2001
+From: htpeng <htpengc@isoftstone.com>
+Date: Fri, 14 Jul 2023 14:56:25 +0800
+Subject: [PATCH] remove hmac-ripemd160
+
+openssh is not supported hmac-ripemd160 mac after V_7_6_P1, so remove
+it, please refer:
+https://github.com/openssh/openssh-portable/commit/7bdb2eeb1d3c26acdc409bd94532eefa252e440b
+
+Signed-off-by: htpeng <htpengc@isoftstone.com>
+---
+ .../ssh/ssh_server/sshd_use_strong_macs/bash/shared.sh        | 2 +-
+ .../ssh/ssh_server/sshd_use_strong_macs/oval/shared.xml       | 2 +-
+ .../services/ssh/ssh_server/sshd_use_strong_macs/rule.yml     | 4 ++--
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/bash/shared.sh
+index f77be04..f1cf0ec 100644
+--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/bash/shared.sh
++++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/bash/shared.sh
+@@ -1,4 +1,4 @@
+ # platform = multi_platform_all
+ 
+-{{{ bash_sshd_config_set(parameter="MACs", value="hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160") }}}
++{{{ bash_sshd_config_set(parameter="MACs", value="hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256") }}}
+ 
+diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/oval/shared.xml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/oval/shared.xml
+index e80fc70..1495555 100644
+--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/oval/shared.xml
++++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/oval/shared.xml
+@@ -1 +1 @@
+-{{{ oval_sshd_config(parameter="MACs", value="((hmac-sha2-512-etm@openssh\.com|hmac-sha2-256-etm@openssh\.com|umac-128-etm@openssh\.com|hmac-sha2-512|hmac-sha2-256|hmac-ripemd160),?)+") }}}
++{{{ oval_sshd_config(parameter="MACs", value="((hmac-sha2-512-etm@openssh\.com|hmac-sha2-256-etm@openssh\.com|umac-128-etm@openssh\.com|hmac-sha2-512|hmac-sha2-256),?)+") }}}
+diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml
+index 66d0402..eda32ce 100644
+--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml
++++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml
+@@ -8,7 +8,7 @@ description: |-
+     Limit the MACs to strong hash algorithms.
+     The following line in <tt>/etc/ssh/sshd_config</tt> demonstrates use
+     of those MACs:
+-    <pre>MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160</pre>
++    <pre>MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256</pre>
+ 
+ rationale: |-
+     MD5 and 96-bit MAC algorithms are considered weak and have been shown to increase
+@@ -29,4 +29,4 @@ ocil: |-
+     MACs are in use, run the following command:
+     <pre>$ sudo grep -i macs /etc/ssh/sshd_config</pre>
+     The output should contain only those MACs which are strong, namely,
+-    hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 hash functions.
++    hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256 hash functions.
+-- 
+2.34.1
+
diff --git a/scap-security-guide.spec b/scap-security-guide.spec
index 037517521ae0bf28e883d3d814d46439d6ddf74a..4207deffdb5d07eb01cba91480b65255e0784c3c 100644
--- a/scap-security-guide.spec
+++ b/scap-security-guide.spec
@@ -1,6 +1,6 @@
 Name:		scap-security-guide
 Version:	0.1.49
-Release:	6
+Release:	7
 Summary:	Security guidance and baselines in SCAP formats
 License:	BSD-3-Clause
 URL:		https://github.com/ComplianceAsCode/content/
@@ -13,6 +13,7 @@ Patch0004:backport-fix-remaining-getchildren-and-getiterator-functions.patch
 Patch0005:backport-fix-for-older-python-versions-lacking-.iter-method.patch
 Patch0006:init-openEuler-ssg-project.patch
 Patch0007:enable-76-rules-for-openEuler.patch
+Patch0008:remove-hmac-ripemd160.patch
 
 BuildArch:	noarch
 BuildRequires: 	libxslt, expat, python3, openscap-scanner >= 1.2.5, cmake >= 3.8, python3-jinja2, python3-PyYAML
@@ -67,6 +68,9 @@ cd build
 %doc %{_docdir}/%{name}/tables/*.html
 
 %changelog
+* Fri Jul 14 2023 penghaitao <htpengc@isoftstone.com> - 0.1.49-7
+- remove unsupported hmac-ripemd160
+
 * Sun Jun 25 2023 steven <steven_ygui@163.com> - 0.1.49-6
 - add some descriptions