|Article Number: 504576||Article Version: 6||Article Type: Break Fix|
Avamar Server,Avamar Server 7.5.0-183
In cryptography, a message authentication code (MAC), sometimes known as a tag, is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed. The MAC value protects both a message's data integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.
The sshd_config for Avamar 7.5.x or greater version supports the following MACs:
grep MAC /etc/ssh/sshd_config
MACs firstname.lastname@example.org,hmac-sha2-512,email@example.com,hmac-sha2-256,firstname.lastname@example.org,email@example.com,firstname.lastname@example.org,hmac-ripemd160PermitEmptyPasswords no
/var/log/messages can show the following error when logged via a console such as lights out port (RMC for Gen4t, RMM for Gen4s, vSphere Console for AVEs etc):
Oct 30 12:27:19 testavamar sshd: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server email@example.com,hmac-sha2-512,firstname.lastname@example.org,hmac-sha2-256,email@example.com,firstname.lastname@example.org,email@example.com,hmac-ripemd160
PuTTY releases less than version 0.63 doesn't support these MACs
Recent install of a 7.5.x system
MAC entries were added to the sshd config file (/etc/ssh/sshd_config) on the Avamar Server
Download a PuTTY version that is greater than or equal to 0.63 and then ssh into the Avamar Server.
Note: As of September 28, 2017, the latest version of PuTTy is 0.70