Solved: Re: NX-OS Weak SSH Algorithms

virtualpedia · ‎02-08-2024

Hi,

Currently running 7.1(4)N1(1) on nexus 5Ks. A security assessment came back that the switches are supporting weak ssh algorithms. Is there a way to remove the weak algorithms? I cannot seem to find a way through CLI

Does anyone know if its possible?

anpetit · ‎02-09-2024

Hello @virtualpedia ,

Hope you are doing well.
You can do it since 7.3.1 on Nexus 5548, nevertheless you will need a specific debug plugin to be able to achieve your goal.
This can be provided by TAC if you are opening a TAC Case. This is the only way.
Let me know if it helps and have a nice day.
Kind Regards,
Antoine

View solution in original post

anpetit · ‎02-09-2024

Hello @virtualpedia ,

Hope you are doing well.
You can do it since 7.3.1 on Nexus 5548, nevertheless you will need a specific debug plugin to be able to achieve your goal.
This can be provided by TAC if you are opening a TAC Case. This is the only way.
Let me know if it helps and have a nice day.
Kind Regards,
Antoine

virtualpedia · ‎02-09-2024

@anpetit thanks for reply. I assume same would be for 56128's?

Would getting the plugin be a one time thing or would you need to contact TAC every time you needed to make a change?

anpetit · ‎02-09-2024

@virtualpedia

Thanks for the helpful vote.

Your assumption is correct regarding 56xx.
Debug plugin is linked to the version, hence if you have multiple different version across your install base, you might need multiple plugin.
Hope it helps.

Kind Regards,
Antoine

virtualpedia · ‎02-09-2024

thank you @anpetit !