In wake of the newly-discovered POODLE vulnerability, I'd like to disable SSLv3 on all of my SSH servers. How do I achieve this with OpenSSH?
Ssh – How to disable SSLv3 in an OpenSSH SSH server to avoid POODLE
poodlesshsslvulnerability
poodlesshsslvulnerability
In wake of the newly-discovered POODLE vulnerability, I'd like to disable SSLv3 on all of my SSH servers. How do I achieve this with OpenSSH?
Best Answer
This is not an issue for OpenSSH since it doesn't make use of SSL.
excerpt - What is the difference between SSL vs SSH? Which is more secure?As further evidence I'd direct you to RFC 4253, which discusses the "The Secure Shell (SSH) Transport Layer Protocol". This is SSH's own custom transport layer, it does not use the same one that HTTPS/SSL uses.
Lastly this Q&A from the security SE site titled: SSL3 “Poodle” Vulnerability had this to say about the POODLE attack.
excerptSo there is no action that needs to be taken for OpenSSH against this particular threat.
References
More reading