Re: Edit and configure the SSL Certificate and SSH Server on Cisco SMA.

thaungtunzaw · ‎04-25-2018

Hello,

I would like to know how to edit and configure the SSL Certificate and SSH Server on Cisco SMA.

SSH Server on Cisco SMA

1. how to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.

2. how to disable MD5 and 96-bit MAC algorithms

3. how to remove the weak ciphers

Thanks.

Libin Varghese · ‎04-25-2018

You can review and modify the ciphers in use through the CLI using command sslconfig.

Refer to the article:

CLI command sshconfig to review and modify algorithms in use.

The SMA does have limited options compared to the ESA.

thaungtunzaw · ‎04-25-2018

Hi Libin,

Thanks for your answer. The below articles are especially for SSL configuration on SMA.

But I need to edit and configuration of SSH on SMA. Please advise.

Thanks

Libin Varghese · ‎04-30-2018

You can use the CLI command sshconfig for the same.

However do note that modifying how ssh works can result in you loosing ssh access to the appliance depending on the ssh client in use.