SSH Server CBC Mode Ciphers Enabled

  • 0
  • 1
  • Question
  • Updated 5 months ago
  • Answered
How do I resolve the below audit finding on the  C3 Switch?
SSH Server CBC Mode Ciphers Enabled
SSH Weak MAC Algorithms Enabled
Photo of Andy Robb

Andy Robb

  • 100 Points 100 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Adilson Gal

Adilson Gal, Employee

  • 1,408 Points 1k badge 2x thumb
The C3-Series switches are heading to the end of support and there are no plans to modifying SSH on those solutions.  

The OpenSSH Security Advisory provides the following information: 

"For most SSH usage scenarios, this attack has a very low likelihood of being carried out successfully - each attempt has a low probability of success and each failure will cause connection termination with a fatal error. It is therefore very unlikely for an interactive session to be usefully attacked using this protocol weakness: an attacker would expect around 11356 connection-killing attempts before they are likely to succeed."

Additional information is available at

I hope it helps. 
Photo of Eddie Brown

Eddie Brown

  • 192 Points 100 badge 2x thumb
How about for an S4 chassis switch?  Any plans on fixing it there with this OS?
Or this open issue? xos0060993