Cipher should be replaced at switch

Leftz
Level 4

Hi, we got a security vulnerability report. We are not sure which cipher should be replaced. HTTP/HTTPS are disabled.

It looks like SSH is related to the issue. Can anyone share some suggestions? Thank you.

 

The switch info: CAT3K_CAA-UNIVERSALK9-M, Version 03.06.06E

Security Report says it like the below:

Ciphers using CFB or OFB
Very uncommon, and deprecated because of weaknesses compared to newer cipher chaining modes such as CTR or GCM
RC4 cipher (arcfour, arcfour128, arcfour256)
The RC4 cipher has a cryptographic bias and is no longer considered secure
Ciphers with a 64-bit block size (DES, 3DES, Blowfish, IDEA, CAST)
Ciphers with a 64-bit block size may be vulnerable to birthday attacks (Sweet32)
Key exchange algorithms using DH group 1 (diffie-hellman-group1-sha1, gss-group1-sha1-*)
DH group 1 uses a 1024-bit key which is considered too short and vulnerable to Logjam-style attacks
Key exchange algorithm "rsa1024sha1"
Very uncommon, and deprecated because of the short RSA key size
MAC algorithm "umac-32"
Very uncommon, and deprecated because of the very short MAC length
Cipher "none"
This is available only in SSHv1

10 Replies

@Leftz you should look to upgrade your IOS, version 03.06.06E is very old. The newer IOS versions will support the latest ciphers. Something like the following (if supported by your image) would be more secure.

 

crypto key generate rsa modulus 2048
ip ssh version 2
ip ssh client algorithm encryption aes256-ctr aes192-ctr aes128-ctr
ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr
ip ssh server algorithm mac hmac-sha1
ip ssh dh min size 2048

Leftz
Level 4

@Rob Ingram Thank you very much for your reply!

So the below commands should also fix the issue?

crypto key generate rsa modulus 2048
ip ssh version 2
ip ssh client algorithm encryption aes256-ctr aes192-ctr aes128-ctr
ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr
ip ssh server algorithm mac hmac-sha1
ip ssh dh min size 2048

@Leftz if supported by your software image, yes.

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-8/configuration_guide/sec/b_168_sec_9300_cg/m9_168_sec_secure_shell_algorithms_cg.pdf

 

You could see if more secure ciphers such as the following are accepted in your old IOS version:

 

ip ssh server algorithm mac hmac-sha2-256 hmac-sha2-512 hmac-sha1

 

SHA2 will be more secure than SHA1.

 

Leftz
Level 4

Thank you very much for your nice explanation. What command can I use to show the current cipher that the switch is using?

@Leftz use "show ip ssh"

Leftz
Level 4

 

Ok I got it. Thank you very much!


Leftz
Level 4

@Rob Ingram Is it possible to lose the SSH connection after adding these CLI commands? Thanks

 

@Leftz yes, it is possible; best to do it via console. Test the commands on a local switch before rolling out remotely.

Ensure you are using an up-to-date SSH client that supports the ciphers.

Leftz
Level 4

Thanks Rob. How do I roll out? I do not think a reboot without saving can roll out, right?

And can I say all ciphers on the client side have to cover the ciphers on its server?

@Leftz by rollout I mean you should test that all the commands above are accepted by whatever version of IOS-XE you are running, on a local switch that you have console access to. Confirm they work before rolling out on the remaining switches. A reboot without saving the configuration would reboot with the old settings.


Use the same client and server settings.
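
Added example, not part of the thread and not Cisco tooling: a Python check that applies the weak-algorithm categories from the security report quoted above to an SSH algorithm offer, so a changed configuration can be confirmed against the same findings. The `class: names` input format, the regex patterns and both sample offers are constructed for this example.

```python
import re

# Categories transcribed from the scanner report quoted in the thread.
# The regex patterns are this example's own reading of those categories.
RULES = [
    ("cipher", r".*-(cfb|ofb)$", "CFB/OFB mode"),
    ("cipher", r"arcfour(128|256)?$", "RC4"),
    ("cipher", r"(3?des|blowfish|idea|cast128)-", "64-bit block size (Sweet32)"),
    ("cipher", r"none$", 'cipher "none"'),
    ("kex", r"(diffie-hellman|gss)-group1-sha1", "DH group 1 (1024-bit)"),
    ("kex", r"rsa1024-?sha1$", "short RSA key exchange"),
    ("mac", r"umac-32(@|$)", "very short MAC"),
]

def parse_offer(text):
    """Parse constructed 'class: alg1,alg2' lines into {class: [names]}."""
    offer = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        kind, names = line.split(":", 1)
        offer[kind.strip().lower()] = [n.strip() for n in names.split(",") if n.strip()]
    return offer

def audit(offer):
    """Return (class, algorithm, finding) for every name a report rule matches."""
    findings = []
    for kind, names in offer.items():
        for name in names:
            for rule_kind, pattern, why in RULES:
                if rule_kind == kind and re.match(pattern, name):
                    findings.append((kind, name, why))
    return findings

# Constructed sample: an offer that still includes legacy algorithms.
BEFORE = """kex: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
cipher: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
mac: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96"""

# Constructed sample: an offer restricted to the algorithms named in the thread.
AFTER = """kex: diffie-hellman-group14-sha1
cipher: aes256-ctr,aes192-ctr,aes128-ctr
mac: hmac-sha1"""

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        hits = audit(parse_offer(text))
        print(label, "->", hits if hits else "no report findings")
```

The check covers only the categories listed in the report; algorithms the report does not mention are not evaluated.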
