https://community.cisco.com/t5/network-security/ssh-protocol-version-1-session-key-vulnerability/m-p/2826197#M44422 <P>Does your IPS show this when you connect to your ASA? Or for other access?</P> <P>In general: Make sure that all SSH-servers only accept ssh version 2.</P> <P>For the configuration of SSH on ASA and IOS you can look at&nbsp;the following document:</P> <P><A href="https://supportforums.cisco.com/document/12338141/guide-better-ssh-security">https://supportforums.cisco.com/document/12338141/guide-better-ssh-security</A></P> <P>For other devices, follow the respective documentation.</P> Wed, 25 Nov 2015 22:09:53 GMT Karsten Iwen 2015-11-25T22:09:53Z https://community.cisco.com/t5/network-security/ssh-protocol-version-1-session-key-vulnerability/m-p/2826196#M44421 <P>Hi we have a ASA-5585 and the IPS show us a vulnerability <SPAN style="font-size: 11.0pt; font-family: 'Calibri','sans-serif';">SSH Protocol Version 1 Session Key.</SPAN></P> <P><SPAN style="font-size: 11.0pt; font-family: 'Calibri','sans-serif';">How We do to mitigate that?</SPAN></P> Sun, 10 Mar 2019 13:30:33 GMT https://community.cisco.com/t5/network-security/ssh-protocol-version-1-session-key-vulnerability/m-p/2826196#M44421 mario-palma 2019-03-10T13:30:33Z https://community.cisco.com/t5/network-security/ssh-protocol-version-1-session-key-vulnerability/m-p/2826197#M44422 <P>Does your IPS show this when you connect to your ASA? Or for other access?</P> <P>In general: Make sure that all SSH-servers only accept ssh version 2.</P> <P>For the configuration of SSH on ASA and IOS you can look at&nbsp;the following document:</P> <P><A href="https://supportforums.cisco.com/document/12338141/guide-better-ssh-security">https://supportforums.cisco.com/document/12338141/guide-better-ssh-security</A></P> <P>For other devices, follow the respective documentation.</P> Wed, 25 Nov 2015 22:09:53 GMT https://community.cisco.com/t5/network-security/ssh-protocol-version-1-session-key-vulnerability/m-p/2826197#M44422 Karsten Iwen 2015-11-25T22:09:53Z