cancel
Showing results for 
Search instead for 
Did you mean: 

SSH Server CBC Mode Ciphers Enabled

SSH Server CBC Mode Ciphers Enabled

Andy_Robb
New Contributor
How do I resolve the below audit finding on the C3 Switch?
SSH Server CBC Mode Ciphers Enabled
SSH Weak MAC Algorithms Enabled
2 REPLIES 2

Eddie_Brown
New Contributor
How about for an S4 chassis switch? Any plans on fixing it there with this OS?
Or this open issue? xos0060993

AG1
Extreme Employee
The C3-Series switches are heading to the end of support and there are no plans to modifying SSH on those solutions.

The OpenSSH Security Advisory provides the following information:

"For most SSH usage scenarios, this attack has a very low likelihood of being carried out successfully - each attempt has a low probability of success and each failure will cause connection termination with a fatal error. It is therefore very unlikely for an interactive session to be usefully attacked using this protocol weakness: an attacker would expect around 11356 connection-killing attempts before they are likely to succeed."

Additional information is available at http://www.openssh.com/txt/cbc.adv.

I hope it helps.
GTM-P2G8KFN