Comware Based
1748079 Members
5132 Online
108758 Solutions
New Discussion

Setting SSH Version on Flexfabric Switch

 
Birdman_2000
Occasional Contributor

Setting SSH Version on Flexfabric Switch

We just had a Penetration test ran on our domain.  Once of the items that came up was my Flexfabric 5700 switches support SSH Version 1.  I can't figure out how to set the compatability setting for SSH.  I see the command under the SSH, but the only excepted option is "enable". I want to disable.  Anyone know how to do that in the FlexFabric OS?

Comment from Pen Tester

The remote SSH daemon supports connections made using the version 1.33 and/or 1.5 of the SSH protocol.  These protocols are not completely cryptographically safe so they should not be used.The remote service offers an insecure cryptographic protocol.  

There Solution

Disable compatibility with version 1 of the protocol.

1 REPLY 1
HP-Browniee
Respected Contributor

Re: Setting SSH Version on Flexfabric Switch

Hello

Can you try this command: 

undo ssh server compatible-ssh1x

This will disable ssh version 1.

For more info see this article.

 

Kind regards