05-01-2020 12:14 PM
Could someone here please help me answer this question: have a 6504E running on 15.5(1)SY5 (latest) and need to know if its KEX algorithms can be updated somehow to a more modern set, currently only supporting diffie-hellman-group-exchange-sha1.
Thanks!
05-01-2020 12:34 PM
here is the latest information :
https://community.cisco.com/t5/security-documents/guide-to-better-ssh-security/ta-p/3133344
BB
***** Rate All Helpful Responses *****
How to Ask The Cisco Community for Help
05-01-2020 12:47 PM
Thanks, appreciate it. However that doesn't cover KEX on the cisco switch...
05-01-2020 01:26 PM
You could try the following command (replace <size> with the value you need or use ? to see what is available):
ip ssh dh min size <size>
05-01-2020 02:15 PM
Thank you, but that also doesn't address my concern. The KEX available still show dh with sha-1 only.
05-02-2020 01:04 AM
Came across this document. Hopefully it will point you in the right direction.
05-02-2020 03:15 PM
Thanks, that's the same doc shared on the 1st reply. Unfortunately it does not address my question.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
