From ad030e74efe9249b59ef6fdb58fca8d9d562cc11 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 20 Jul 2013 12:43:46 -0300
Subject: Back to hmac-sha1 as hmac-sha2-512 prevented squeeze systems to
 connect

---
 templates/sshd_config/Debian_sid.erb    | 2 +-
 templates/sshd_config/Debian_wheezy.erb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'templates')

diff --git a/templates/sshd_config/Debian_sid.erb b/templates/sshd_config/Debian_sid.erb
index 60c15fa..70bb4bf 100644
--- a/templates/sshd_config/Debian_sid.erb
+++ b/templates/sshd_config/Debian_sid.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
diff --git a/templates/sshd_config/Debian_wheezy.erb b/templates/sshd_config/Debian_wheezy.erb
index 60c15fa..70bb4bf 100644
--- a/templates/sshd_config/Debian_wheezy.erb
+++ b/templates/sshd_config/Debian_wheezy.erb
@@ -115,7 +115,7 @@ AllowGroups <%= s %>
 
 <% if scope.lookupvar('sshd::hardened_ssl') == 'yes' -%>
 Ciphers aes256-ctr
-MACs hmac-sha2-512
+MACs hmac-sha1
 <% end -%>
 
 <% unless (s=scope.lookupvar('sshd::tail_additional_options')).empty? -%>
-- 
cgit v1.2.3