Hi,
We are using confd 8.0.6, and when we try to set /confdConfig/ssh/algorithms/mac to [hmac-sha2-512, hmac-sha2-256], it still accepts hmac-sha1.
Could it be that the --reload option is not working?
If so, is there a fix in some version?
Thanks
It does appear to be fixed in releases after 8.1 (I still your behavior in later 8.0 and 8.1). With a quick test in 8.4 I started with the configured macs (as shown with ssh -vvv…)
debug2: MACs ctos: hmac-sha1,hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha1,hmac-sha2-256,hmac-sha2-512
then remove hmac-sha1 from the config, do a confd --reload, and try again
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512
Works with the latest 8.0.x ConfD version too.