https://community.cisco.com/t5/network-security/ssh-server-cbc-mode-ciphers-enabled/m-p/2410525#M920000 <P>Hi, </P><P>We have couple of Cisco switches 2960 and HP switches 2910-24g that enabled SSH sever to remote access, Nessus keeps reporting a low </P><P> vulnerabilities on those switches because of CBC cipher and it recomandded to use CTR or GCM cipher mode? any Idea how we solve this?</P><P></P><P>Thanks in advance!</P><P><BR />Mike</P> Fri, 21 Feb 2020 13:03:43 GMT majedalanni 2020-02-21T13:03:43Z https://community.cisco.com/t5/network-security/ssh-server-cbc-mode-ciphers-enabled/m-p/2410525#M920000 <P>Hi, </P><P>We have couple of Cisco switches 2960 and HP switches 2910-24g that enabled SSH sever to remote access, Nessus keeps reporting a low </P><P> vulnerabilities on those switches because of CBC cipher and it recomandded to use CTR or GCM cipher mode? any Idea how we solve this?</P><P></P><P>Thanks in advance!</P><P><BR />Mike</P> Fri, 21 Feb 2020 13:03:43 GMT https://community.cisco.com/t5/network-security/ssh-server-cbc-mode-ciphers-enabled/m-p/2410525#M920000 majedalanni 2020-02-21T13:03:43Z https://community.cisco.com/t5/network-security/ssh-server-cbc-mode-ciphers-enabled/m-p/2410526#M920001 <HTML><HEAD></HEAD><BODY><P>Based on <A ___default_attr="210989" href="#mce_temp_url#" title="Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router">Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router</A> thread it seems not to be possible.</P><P></P><P>Do not allow connection from untrusted/unknown clients to your switch.</P></BODY></HTML> Tue, 03 Dec 2013 23:50:24 GMT https://community.cisco.com/t5/network-security/ssh-server-cbc-mode-ciphers-enabled/m-p/2410526#M920001 Dan Lukes 2013-12-03T23:50:24Z