Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
966
Views
1
Helpful
3
Replies

HOW TO remove Weak SSH ciphers in UCS Fi 6324

jlanuza
Level 1
Level 1

‎05-29-2023 08:29 AM

Hello everybody,  Do you have a method to remove weak ciphers for SSH protocol in UCS fabric interconnector 6324 mini,  i have just the option to enable or disable SSH but not to configure ciphers, macs, e curves,  or some documentation that should clarify our Security deparment.

Thanks in advanced

 

 

 

0 Helpful
3 Replies 3

Kirk J
Cisco Employee
Cisco Employee

‎05-29-2023 10:51 AM

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-Management/4-2/b_Cisco_UCS_Admin_Mgmt_Guide_4-2/m_ucs_manager_communication_services.html

Sounds like maybe you need to upgrade the UCSMini to a later version (i.e. 4.2) that allows the cipher config.

 

Kirk...

 

0 Helpful

Riaan van Niekerk
Level 1
Level 1
In response to Kirk J

‎12-17-2023 05:25 AM

The page you linked to, only provides notes on setting the HTTPS/SSL ciphers, not the SSH ones?

0 Helpful

Steven Tardy
Cisco Employee
Cisco Employee

‎12-19-2023 07:31 AM

TAC opened CDET a few months ago regarding this issue:

CSCwh79071 :: Deprecated SSH cryptographic settings 

The CDET has been changed from a Sev 3 to a Sev 6 (enhancement) by UCS engineering.

The best thing to do is open a Cisco TAC case and have TAC attach the TAC case to the CDET.
(Without doing this attachment, then this enhancement will likely never be prioritized and resolved. )

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card