Comware-Based
cancel
Showing results for 
Search instead for 
Did you mean: 

Setting SSH Version on Flexfabric Switch

Birdman_2000
Occasional Contributor

Setting SSH Version on Flexfabric Switch

We just had a Penetration test ran on our domain.  Once of the items that came up was my Flexfabric 5700 switches support SSH Version 1.  I can't figure out how to set the compatability setting for SSH.  I see the command under the SSH, but the only excepted option is "enable". I want to disable.  Anyone know how to do that in the FlexFabric OS?

Comment from Pen Tester

The remote SSH daemon supports connections made using the version 1.33 and/or 1.5 of the SSH protocol.  These protocols are not completely cryptographically safe so they should not be used.The remote service offers an insecure cryptographic protocol.  

There Solution

Disable compatibility with version 1 of the protocol.

1 REPLY
HP-Browniee
Trusted Contributor

Re: Setting SSH Version on Flexfabric Switch

Hello

Can you try this command: 

undo ssh server compatible-ssh1x

This will disable ssh version 1.

For more info see this article.

 

Kind regards