Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4164
Views
0
Helpful
0
Replies

disable key exchange algorithms diffie-hellman-group-exchange-sha1

Peng Xiao
Level 1
Level 1

‎10-25-2021 08:22 AM

 

1. cisco Nexus5548 version 7.3(5)N1(1)

 

 

S1(config)# ssh ?
  key             Generate SSH Key
  login-attempts  Set maximum login attempts

S1(config)# ssh

there is no command to disable or change dh groups like IOS

 

2.Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.5(3)M7, RELEASE SOFTWARE (fc1)

 

R1(config)#ip ssh dh min size ?
  1024  Diffie Group 1 1024-bit key
  2048  Diffie Group 14 2048-bit key
  4096  Diffie Group 16 4096-bit key
 
even we configured dh min size 4096, we still can use 
 
ssh -o "KexAlgorithms diffie-hellman-group-exchange-sha1"
 
to connect the device.
 
anybody can tell me why? Thanks
 
 
 
2 people had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card