"weak ciphers" confusing entry in Services/SSH configuration

Revan

Explorer
Joined
Mar 22, 2017
Messages
81
@Revan Thank you for pointing this out. I completely agree with your sentiment.

The UI should make it abundantly clear that algorithms with checkmarks are enabled. The heading should say something like "Enabled weak ciphers", and the help box should be even more clear.
Today I updated my system to TrueNAS-12.0-U5 and the UI is still not very meaningful in this regard.
 

Paul042020

Contributor
Joined
May 4, 2020
Messages
119
Hello, I found your exchanges very interesting and they answered many of the questions I had.

I have two comments that come to mind:
1] As you say, [weak cipher "none"] checked adds the line "NoneEnabled yes" in the sshd_config file.
Why does TrueNAS recommend on this page to add "NoneEnabled no" in the auxiliary parameters, when it would be enough to say to uncheck [weak cipher "none"]?

I specify that unchecking [weak cipher "none"] does not add the "NoneEnabled no" parameter in the "sshd_config" file, while adding "NoneEnabled no" in the auxiliary parameters adds the "NoneEnabled no" line in the "sshd_config" file.

2] On this other page of the documentation, TrueNAS recommends to add the next line in the auxiliary parameters:
However, on the TrueNAS 13.0 U3 version, when no auxiliary parameters have been added (empty fields) and [weak cipher "none" and "AES128-CBC"] are unchecked, your method with Nmap returns the following encryption algorithms:
=> exactly the same as the ones TrueNAS recommends to add in the auxiliary parameters.
Why does TrueNAS recommend adding this line, when by default only these algorithms are operational on the server?

Regards
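
One way to check what a generated sshd_config actually enables for the two settings discussed in this thread, as an added example that is not part of any post above and is not TrueNAS code. The sample configs are constructed, not captured TrueNAS output, and the "no" default for a missing NoneEnabled line is an assumption about the HPN-SSH patch.

```python
WEAK = {"none", "aes128-cbc"}  # the two "weak cipher" checkboxes named in this thread

def effective_globals(text):
    """Global sshd_config options; the first occurrence of a keyword wins (sshd_config(5))."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()          # keywords are case-insensitive
        if keyword == "match":              # lines after Match are conditional, not global
            break
        opts.setdefault(keyword, parts[1].strip() if len(parts) > 1 else "")
    return opts

def audit(text):
    opts = effective_globals(text)
    # Assumption: with no NoneEnabled line present, the HPN-SSH default ("no") applies.
    none_enabled = opts.get("noneenabled", "no").lower() == "yes"
    spec = opts.get("ciphers", "")
    if spec.startswith("-"):                # "-list" removes ciphers from the default set
        names = []
    else:                                   # plain list, or "+"/"^" additions to the defaults
        names = [c.strip().lower() for c in spec.lstrip("+^").split(",") if c.strip()]
    return {
        "none_enabled": none_enabled,
        "weak_ciphers": sorted(WEAK.intersection(names)),
        "explicit_cipher_list": bool(spec) and spec[0] not in "+-^",
    }

# Constructed samples (not real TrueNAS output).
CHECKED_THEN_OVERRIDE = """\
NoneEnabled yes
Ciphers +aes128-cbc
# a later, contradictory line is ignored because the first value wins
NoneEnabled no
"""
UNCHECKED_NO_AUX = "PermitRootLogin no\n"
AUX_ONLY = "NoneEnabled no\nCiphers aes256-ctr,aes128-ctr\n"

if __name__ == "__main__":
    for name in ("CHECKED_THEN_OVERRIDE", "UNCHECKED_NO_AUX", "AUX_ONLY"):
        print(name, audit(globals()[name]))
```

Because the first value wins, where a "NoneEnabled no" line lands relative to a generated "NoneEnabled yes" decides which one takes effect; `sshd -T` prints the configuration the running binary actually resolves.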