How to change SSH ciphers on CAS
search cancel

How to change SSH ciphers on CAS

book

Article ID: 280844

calendar_today

Updated On: 05-09-2024

Products

ISG Proxy CAS-VA

Issue/Introduction

 If you need to remove/change the reported below cipher from the CAS version 3.1.7.0

Environment

CAS version 3.1.7.0

Resolution

If you need specific HMACs or ciphers from your SSH parameters, please refer to the below example:

ContentAnalysis(config-ssh)# view
ciphers [ aes256-ctr aes128-ctr aes256-gcm@openssh.com aes128-gcm@openssh.com ]
hmacs [ hmac-sha2-512 hmac-sha2-256 hmac-sha1-96 hmac-sha1 ]
key-exchange-algo
 
rithms [ diffie-hellman-group18-sha512 diffie-hellman-group16-s    ha512 diffie-hellman-group14-sha256 ecdh-sha2-nistp521 ecdh-sha2-nistp384 ecdh-s    ha2-nistp256 diffie-hellman-group14-sha1 ]


ContentAnalysis(config-ssh)# hmacs <----"then hit enter"
Possible completions:
[ hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512

ContentAnalysis(config-ssh)# hmacs [ hmac-sha2-512 hmac-sha2-256 ] <------ "re-enter the hmacs list excaduing the desired algorthem that you want to remove"

ContentAnalysis(config-ssh)# view
ciphers [ aes256-ctr aes128-ctr aes256-gcm@openssh.com aes128-gcm@openssh.com ]
hmacs [ hmac-sha2-512 hmac-sha2-256 ]