HPE Community
HPE Nimble Storage Solution Specialists
1819732 Members
3143 Online
109606 Solutions
New Discussion

HP Nimble - SSH Weak Key Exchange Algorithms Enabled

 
SOLVED
Go to solution
socr
Advisor

‎10-17-2023 09:44 PM - last edited on ‎10-20-2023 02:03 AM by

‎10-17-2023 09:44 PM - last edited on ‎10-20-2023 02:03 AM by

HP Nimble - SSH Weak Key Exchange Algorithms Enabled

Hi 

How to disable SSH srvice or port ? 
I didno't find any information at Nimble web page about SSH setting.

thanks.

Reply
6 REPLIES 6
socr
Advisor

‎10-18-2023 06:31 PM - edited ‎10-18-2023 06:33 PM

‎10-18-2023 06:31 PM - edited ‎10-18-2023 06:33 PM

Solution

Re: HP Nimble - SSH Weak Key Exchange Algorithms Enabled

If nimble doesn't have SSH-related configurations, how can I resolve "SSH Weak Key Exchange Algorithms Enabled"?

0 Kudos
Reply
Mahesh202
HPE Pro

‎10-19-2023 06:51 AM

‎10-19-2023 06:51 AM

Re: HP Nimble - SSH Weak Key Exchange Algorithms Enabled

Hi Socr

Unfortunately there is no way to disable the array's SSH service
If SSH Weak Key Exchange Algorithms Enabled is flagged then please raise a ticket with HPE Nimble Tech support and they should be able to help you with a workaround.

Hope this helps.!!

Regards
Mahesh.



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
Reply
socr
Advisor

‎10-19-2023 06:37 PM

‎10-19-2023 06:37 PM

Re: HP Nimble - SSH Weak Key Exchange Algorithms Enabled

Hi Mahesh
I searched for two days, and in the 2018 version of the 'HPE Nimble Storage Encryption Technical White Paper,' I found a mention of Secure Hash Algorithm-256 (SHA-256). I couldn't find any versions beyond 2018.

Thank you for your help.

0 Kudos
Reply
Mahesh202
HPE Pro

‎10-25-2023 11:31 PM

‎10-25-2023 11:31 PM

Re: HP Nimble - SSH Weak Key Exchange Algorithms Enabled

Hi Socr,

Yes,  we have been using a SHA-256 cipher on the array.
To confirm if the array is using the correct hashing algorithm 
Please use the  "cert --info"  command.

Regards
Mahesh.



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
socr
Advisor

‎11-09-2023 05:24 PM - last edited on ‎11-09-2023 10:17 PM by

‎11-09-2023 05:24 PM - last edited on ‎11-09-2023 10:17 PM by

Re: HP Nimble - SSH Weak Key Exchange Algorithms Enabled

@Mahesh202 Hi Mahesh

Thank you, but I still don't understand why HP Nimble with sha256 is being flagged for having SSH Weak Key Exchange Algorithms Enabled during vulnerability scanning.

0 Kudos
Reply
Mahesh202
HPE Pro

‎11-13-2023 11:20 PM

‎11-13-2023 11:20 PM

Re: HP Nimble - SSH Weak Key Exchange Algorithms Enabled

Hi Socr,

May I request you to please update to the Latest nimble GA versions. SSH Weak Key Exchange Algorithm fixed in the new releases
Beginning with OS version 6.0.0.400, the array only supports the following diffie hellman-group key exchanges for SSH sessions

https://infosight.hpe.com/InfoSight/media/cms/active/NimbleOS_Release_Notes_6.0.0.400.pdf

hope this helps.!!

Regards
Mahesh.



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.