ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Deactivate insecure Diffie-Hellmann Algorithm for SSH KEX

book

Article ID: 221337

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

The use of deprecated Key-Exchange-Algorithms in SSH have been detected.

The problematic Key-Exchange Algorithm method is diffie-hellman-group1-sha1

How can this group be disabled?

Environment

Release : 10.7.4

Component :

Resolution

This issue can be resolved by using FIPS mode.

FIPS mode can be enabled per scanner from the command line using the following command (with one of three options):

fipsmode(on|off|status)