Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Is it possible disable diffie-hellman-group1-sha1 in a Cisco 2811 Os v.12.4(24)T2 router?
I put this command:
> ip ssh dh min size 2048
for 2048 bits, but in security scanning says that it permits:
| kex_algorithms: (3)
| diffie-hellman-group-excha...
Es posible desactivar ese algoritmo??
He metido el comando:
> ip ssh dh min size 2048
para que use 2048 bits, pero en los escaneos de herramientas de seguridad me sigue diciendo que permite:
| kex_algorithms: (3)
| diffie-hellman-group-exchange-sha1...
Hi Philip,
the problem is when I try a debug with a ssh client forcing the use of DH Group-1:
$> ssh -vvv -o "KexAlgorithms diffie-hellman-group1-sha1" user@router2811_ip:
..............................
debug2: kex_parse_kexinit: diffie-hellman-g...