Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SSL Cipher Question

Discussion in 'General Discussion' started by JamesKemp, Jan 2, 2017.

Tags:
  1. JamesKemp

    JamesKemp Member

    Joined:
    Feb 21, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    Hi,

    How can I add the following cipher to CentOS 7 with cPanel:

    3des-cbc,arcfour,cast128-cbc,twofish-cbc,blowfish-cbc,twofish128-cbc,aes128-cbc,aes256-cbc server,aes256-ctr,aes128-ctr

    Thank you!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,303
    Likes Received:
    1,847
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. JamesKemp

    JamesKemp Member

    Joined:
    Feb 21, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    I need to add the following Cipher to CentOS 7 server because CuteFTP SFTP is not working with the new default Cipher and it's unable to connect, please let me know how I can enable the following Cipher?

    3des-cbc,arcfour,cast128-cbc,twofish-cbc,blowfish-cbc,twofish128-cbc,aes128-cbc,aes256-cbc server,aes256-ctr,aes128-ctr

    I have added the following to sshd2_config file but it's still not working:

    Ciphers 3des-cbc,arcfour,cast128-cbc,twofish-cbc,blowfish-cbc,twofish128-cbc,aes128-cbc,aes256-cbc server,aes256-ctr,aes128-ctr

    Thank you!
     
    #3 JamesKemp, Jan 6, 2017
    Last edited: Jan 7, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,303
    Likes Received:
    1,847
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You'd need to add your custom cipher entry to the /etc/ssh/sshd_config file and then restart the SSHd service:

    Code:
    /scripts/restartsrv_sshd
    There's a third-party URL with information on how to change the cipher list (though the specific ciphers referenced in this URL might be outdated)

    How to harden SSH on CentOS 6.5

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice