You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In more technical terms, if your SSH implementations supports (and is configured to offer) the [email protected] encryption algorithm, or any encryption algorithm suffixed -cbc in combination with any MAC algorithm suffixed [email protected], you are vulnerable to Terrapin.
Also
AES-GCM (RFC5647) is not affected by Terrapin
Or perhaps there is a way to enable "strict kex" which (assuming the client also supports it) would also shutdown any attempt to exploit the issue.
Thanks!
The text was updated successfully, but these errors were encountered:
I have run the terrapin scanner (https://github.com/RUB-NDS/Terrapin-Scanner) against an our server module and it is reporting as vulnerable. I was wondering if you have any advice on how to mitigate the vulnerability. According to the website https://terrapin-attack.com/
Also
Or perhaps there is a way to enable "strict kex" which (assuming the client also supports it) would also shutdown any attempt to exploit the issue.
Thanks!
The text was updated successfully, but these errors were encountered: