根据此处的答案,Debian Stretch 存储库已更改为存档。
从 maven:3.5.2-jdk-8 构建 dockerfile 时,apt-get update 无法获取 debian amd64 软件包
我之前的做法/etc/apt/sources.list是这样的:
deb http://security.debian.org/debian-security stretch/updates main
deb-src http://security.debian.org/debian-security stretch/updates main
deb http://deb.debian.org/debian stretch main
deb-src http://deb.debian.org/debian stretch main
deb http://deb.debian.org/debian stretch-updates main
deb-src http://deb.debian.org/debian stretch-updates main"
我在文件中更改deb.debian.org为,但当我执行 apt update 时出现以下错误:archive.debian.orgsources.list
Ign:1 http://security.debian.org/debian-security stretch/updates InRelease
Err:2 http://security.debian.org/debian-security stretch/updates Release
404 Not Found [IP: 146.75.106.132 80]
Ign:3 http://archive.debian.org/debian stretch InRelease
Ign:4 http://archive.debian.org/debian stretch-updates InRelease
Hit:5 http://archive.debian.org/debian stretch Release
Err:6 http://archive.debian.org/debian stretch-updates Release
404 Not …漏洞扫描显示,在 Debian 10 系统中,使用了不安全的 MAC 算法:umac-64-etm@openssh.com、hmac-sha1-etm@openssh.com、umac-64@openssh.com、hmac-sha1
当我这样做时ssh -Q mac,我得到以下结果:
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
umac-64@openssh.com
umac-128@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com
文件中/etc/ssh/ssh_config有一行被注释掉:
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com
文件中没有提及 umac-64-etm 或 hmac-sha1-etm。其中/etc/ssh/sshd_config根本没有 MAC 关键字。如何禁用这些弱 HMAC?