Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
972
Views
2
Helpful
2
Replies

SSH Weak Key Exchange Algorithms Enabled

Go to solution
BenBautista8672
Level 1
Level 1

‎10-30-2024 07:17 AM

I read other discussion on this topic however my case might be different because of the type of hardware used. I recently upgraded the IOS on 3560CX switch to 15.2(7)E10 as recommended by the cybersecurity team. The solution I read on this topic is to update the key exchange algorithm, however it only gives two algorithm which are included on the list of Nessus being flag. Redacted show command result below. Is there a other way to disable the key exchange?


SSH Enabled - version 2.0


Encryption Algorithms:aes256-ctr,aes192-ctr,aes128-ctr
MAC Algorithms:hmac-sha2-512,hmac-sha2-256
KEX Algorithms:diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Authentication timeout: 60 secs; Authentication retries: 5
Minimum expected Diffie Hellman key size : 2048 bits

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
2 Replies 2

Go to solution
Ken Stieers
VIP
VIP

‎10-30-2024 07:30 AM

moved to Switching as you posted in Email Security

0 Helpful
Customers Also Viewed These Support Documents