cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1070
Views
0
Helpful
1
Replies

Disable CBC mode and MD5 MAC algorithms

DAVID FRAGIACOMO
Beginner
Beginner

I'm running a 5515 ASA with version 9.4(2)6 and due to a report created after a recent pen test, I've been requested to disable CBC mode and MD5 MAC algorithms on my security appliance. After much searching on the web and using both ASDM and the CLI, I can't seem to figure out how to disable these.  Any help is appreciated.  Thanks.

1 Reply 1

JP Miranda Z
Cisco Employee
Cisco Employee

Hi DAVID FRAGIACOMO,

Take a look to this enh request: CSCum63371.

Seems like the version 9.4.2.6 does not support the manual change of the ssh ciphers, in order to support this command you can upgrade to 9.4(2.99) which is already working or latest.

This are the commands:

-show ssh ciphers

-ssh cipher encryption custom (you can select the ciphers that you want and put them here)

Hope this info helps!!

Rate if helps you!! 

-JP-

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers