RHEL6 accepts crypto settings from openssh 5.9

[wojciech-kopras]

To fix #125

[chris-rock]

@wojciech-kopras can you make the DCO bot happy?

[artem-sidorenko]

Looks good to me, I'll cross-check it with chef-ssh-hardening, I also want to verify if this support was backported by RH (because of version detection logic in chef-ssh-hardening). Maybe we have here some edge case, which wasn't covered in the past, not sure yet

[chris-rock]

@artem-sidorenko Once you're okay, we can merge this this PR.

[artem-sidorenko]

I'm currently on vacation, will have a look by the end of next week.

-- Artem Sidorenko

Sent from my mobile

On 22. Aug 2019, at 23:49, Christoph Hartmann [email protected] wrote:

receiving

[artem-sidorenko]

I'm not really sure how to handle this.. how it looks like this support this backported ny RH or we really missed something in the past. If it was backported -> we would have to introduce some logic to the openssh version discovery library within chef-ssh-hardening to cover this edge case.

Sorry if it takes more time again, but I'll have to find another time to technically cross-check this with ansible-ssh-hardening and chef-ssh-hardening in order to know what would break and how it can be handled.

[chris-rock]

@artem-sidorenko Can we just activate this on the latest 6.x version of Redhat/Centos?