cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
36402
Views
5
Helpful
13
Replies

How to disable SSH weak key exchange algorithm

rubin.jackson
Level 1
Level 1

Good day,

 

A Nessus scan reports that the following is configured on our Catalyst 6500, WS-C6506-E running on version 15.5(1)SY8

 

  • diffie-hellman-group-exchange-sha1

I would like to disable it, however I can't even find it in the config.

 

Uncertain if the scan reporting correctly or if I am missing something.

 

Thanks,

Rubin

13 Replies 13

Francesco Molino
VIP Alumni
VIP Alumni

Hi

 

 i don’t have a cat6k with that version in my hands right now 

can you check if following commands exists:

ip ssh server algorithm encryption aes256-ctr aes128-ctr
ip ssh server algorithm mac hmac-sha1
no ip ssh server algorithm mac hmac-sha1-96

Those commands could work based on the configuration guide for your IOS version: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/15-s/sec-usr-ssh-15-s-book/sec-secure-shell-algorithm-ccc.html#concept_9C253BD1B6AC4F10AB86EFC33C7FECA8

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

The following is configured:

 

ip ssh server algorithm mac hmac-sha1
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr

 

no ip ssh server algorithm mac hmac-sha1-96 --- removed previously

 

Can you post below output :

 

- show run all | in ssh

- show ip ssh

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

show run all | in ssh
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh source-interface Loopback0
ip ssh break-string ~break
ip ssh version 2
ip ssh dh min size 1024
no ip ssh rekey time
no ip ssh rekey volume
ip ssh server authenticate user publickey
ip ssh server authenticate user keyboard
ip ssh server authenticate user password
no ip ssh server peruser session limit
ip ssh server certificate profile
ip ssh server algorithm mac hmac-sha1
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh server algorithm hostkey x509v3-ssh-rsa ssh-rsa
ip ssh server algorithm authentication publickey keyboard password
ip ssh server algorithm publickey x509v3-ssh-rsa ssh-rsa
ip ssh client algorithm mac hmac-sha1 hmac-sha1-96
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr aes128-cbc 3des-cbc aes192-cbc aes256-cbc
transport input ssh
transport input ssh

 

=====

 

show ip ssh
SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa
Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa
Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr
MAC Algorithms:hmac-sha1
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): <output omitted>

ssh-rsa <output omitted>

May be Try 2048

 

ip ssh dh min size 1024

below my output runing RSA 2048

 

#show ip ssh
SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512
Hostkey Algorithms:x509v3-ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-rsa
Encryption Algorithms:aes128-gcm,aes256-gcm,aes128-ctr,aes192-ctr,aes256-ctr
MAC Algorithms:hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512
KEX Algorithms:ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 2048 bits

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I will increase the key size to 4096 sometime next week.

I will post my whether this resolves the issue.

2048 bits - is good enough on these models, if you configure higher than 2048 bits - the process may be slow when it creates time.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

 

on a side note, you might want to disable SSH version 1 altogether by configuring:

 

ip ssh version 2

 

That should disable any 'weak' algorithms. When you issue the command 'show ip ssh' it should say 'version 2' instead of '1.99' (1.99 means both version 1 and 2 are supported).

Was this ever resolved? I am currently experiencing a similar issue on my 6509-E running version 15.5(1)SY7. I was able to mitigate this vulnerability on my 3850's and 9300's, but I see no option to even enable/disable a KEX algorithm.

This is the current SSH configuration:

SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa
Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa
Encryption Algorithms:aes256-ctr
MAC Algorithms:hmac-sha1
Authentication timeout: 60 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 2048 bits

There is no configuration for a KEX algorithm in there, and somehow this switch is still popping on the vulnerability scan stating:

The following weak key exchange algorithms are enabled :

diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1

Any help or insight would be greatly appreciated.

My organization decided to decommission the pair of Catalyst 6500s.

I never got to test a solution.

 

No worries Cat 6K one of the best product ever seen in Cisco, that give long live Like Router 7200 VXR.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Network713
Level 1
Level 1

Issue: SSH Server Supports Weak Key Exchange Algorithms:22

Fix cli - ip ssh server algorithm kex ecdh-sha2-nistp521

Make sure you can open another ssh session into your device after you put the command in, so you don't lock yourself out.

 

Reccomend to do this also:

ip ssh time-out 15

ip ssh authentication-retries 2

ip ssh version 2

ip ssh server algorithm mac hmac-sha2-256 <<<this will have error and can’t use putty if I use a higher one

ip ssh server algorithm encryption aes256-ctr

The version of software may not support the "ip ssh server algorithm kex" command. If you type "show run all | i ssh" you should see the command if its supported. Using the default values, this command is usually hidden, which is why you would want to use the show run all command. I resolved a similar finding by removing "diffie-hellman-group14-sha1" from the ssh kex algorithm.

ip ssh server algorithm kex ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco