Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1794
Views
0
Helpful
1
Replies

Disable CBC mode and MD5 MAC algorithms

DAVID FRAGIACOMO
Level 1
Level 1

‎07-29-2016 11:54 AM - edited ‎02-21-2020 05:52 AM

I'm running a 5515 ASA with version 9.4(2)6 and due to a report created after a recent pen test, I've been requested to disable CBC mode and MD5 MAC algorithms on my security appliance. After much searching on the web and using both ASDM and the CLI, I can't seem to figure out how to disable these.  Any help is appreciated.  Thanks.

0 Helpful
1 Reply 1

JP Miranda Z
Cisco Employee
Cisco Employee

‎08-23-2016 02:42 PM

Hi DAVID FRAGIACOMO,

Take a look to this enh request: CSCum63371.

Seems like the version 9.4.2.6 does not support the manual change of the ssh ciphers, in order to support this command you can upgrade to 9.4(2.99) which is already working or latest.

This are the commands:

-show ssh ciphers

-ssh cipher encryption custom (you can select the ciphers that you want and put them here)

Hope this info helps!!

Rate if helps you!! 

-JP-

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card