4405271e69
This patch is a follow-on docs patch for the sshd configuration work. Implements: blueprint security-rhel7-stig Change-Id: Ie140302bd0a20282f2f08a1296e04217e52da114
749 B
749 B
---id: RHEL-07-040700 status: implemented tag: implemented ---
The Compression configuration is set to
delayed in /etc/ssh/sshd_config and sshd is
restarted.
Deployers can choose another option by setting the following Ansible variable:
security_sshd_compression: 'no'Note
The following are the available settings for Compression
in the ssh configuration file:
delayed: Compression is enabled after authentication.no: Compression is disabled.yes: Compression is enabled during authentication and during the session (not allowed by the STIG).
The delayed option balances security with performance
and is an approved option in the STIG.