Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Cipher Question

Discussion in 'General Discussion' started by JamesKemp, Jan 2, 2017.

Tags:
  1. JamesKemp

    JamesKemp Member

    Joined:
    Feb 21, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    Hi,

    How can I add the following cipher to CentOS 7 with cPanel:

    3des-cbc,arcfour,cast128-cbc,twofish-cbc,blowfish-cbc,twofish128-cbc,aes128-cbc,aes256-cbc server,aes256-ctr,aes128-ctr

    Thank you!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. JamesKemp

    JamesKemp Member

    Joined:
    Feb 21, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    I need to add the following Cipher to CentOS 7 server because CuteFTP SFTP is not working with the new default Cipher and it's unable to connect, please let me know how I can enable the following Cipher?

    3des-cbc,arcfour,cast128-cbc,twofish-cbc,blowfish-cbc,twofish128-cbc,aes128-cbc,aes256-cbc server,aes256-ctr,aes128-ctr

    I have added the following to sshd2_config file but it's still not working:

    Ciphers 3des-cbc,arcfour,cast128-cbc,twofish-cbc,blowfish-cbc,twofish128-cbc,aes128-cbc,aes256-cbc server,aes256-ctr,aes128-ctr

    Thank you!
     
    #3 JamesKemp, Jan 6, 2017
    Last edited: Jan 7, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You'd need to add your custom cipher entry to the /etc/ssh/sshd_config file and then restart the SSHd service:

    Code:
    /scripts/restartsrv_sshd
    There's a third-party URL with information on how to change the cipher list (though the specific ciphers referenced in this URL might be outdated)

    How to harden SSH on CentOS 6.5

    Thank you.
     
Loading...

Share This Page