ExtremeSwitching (EOS)

 View Only

SSH Weak Key Exchange Algorithms Enabled

  • 1.  SSH Weak Key Exchange Algorithms Enabled

    Posted 03-15-2022 00:59
    Edited by Parvinder Singh 03-15-2022 01:03
    Hi Team ,

    I am facing issue in Extreme switches for SSH Weak Key Exchange Algorithms Enabled . Can anybody help how to remove this thing .
    System Type: NWI-E450A
    Created by ExtremeXOS version 16.2.3.5

    The remote SSH server is configured to allow key exchange algorithms which are considered weak.

    This is based on the IETF draft document Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)
    draft-ietf-curdle-ssh-kex-sha2-20. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST NOT be
    enabled. This includes:

    diffie-hellman-group-exchange-sha1

    diffie-hellman-group1-sha1

    gss-gex-sha1-*

    gss-group1-sha1-*

    gss-group14-sha1-*

    rsa1024-sha1


    Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software
    versions.


    regards 
    Parvinder SIngh