SSH Weak Key Exchange Algorithms Enabled
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2022 10:40 PM
Hi Guys,
I have a Cisco SF300 switch. We have done VAPT and found that vulnerability "SSH Weak Key Exchange Algorithms Enabled". I need to disable this. Please suggest how to resolve this issue. How i can login to switch via ssh more securley?
Regards,
Rakesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2022 11:51 PM
- Use latest firmware for the device , (if not yet done) , check if that can help.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2022 10:19 PM
The current running Firmware version is 1.4.11.5 and it is the latest firmware.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2022 01:30 AM
check some Vulnerable and guide lines :
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-sbms
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2022 10:36 PM
As per the shared link, there is no workaround that addresses this vulnerability.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2022 10:38 PM
Is there any alternate way to access the switch via SSH more securely? Is there any more option in ssh authentication?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2022 05:04 AM
Hi,
I got this document on the internet, public key authentication for ssh on cisco switches.
https://helpdeskgeek.com/how-to/enable-public-key-authentication-ssh-cisco-sg300-switches/
