SSH

Configuring MACs

The MAC (Message Authentication Code) algorithm(s) used for data integrity verification can be selected in the sshd2_config file:

MACs                hmac-sha1,hmac-md5

The system will attempt to use the different HMAC algorithms in the sequence they are specified on the line. The supported MAC names are the following:

hmac-md5hmac-sha2-256hmac-sha384@ssh.com
hmac-md5-96hmac-sha256-2@ssh.comhmac-sha2-512
hmac-sha1hmac-sha224@ssh.comhmac-sha512@ssh.com
hmac-sha1-96hmac-sha256@ssh.com 

Special values for this option are the following:

The default MAC algorithms are: hmac-sha1, hmac-sha1-96, hmac-sha2-256, hmac-sha256-2@ssh.com, hmac-sha224@ssh.com, hmac-sha256@ssh.com, hmac-sha384@ssh.com, hmac-sha2-512, and hmac-sha512@ssh.com.