SHA1 deprecated vulnerability for SSH on ESXi hosts.
VMware vSphere ESXi
Steps to disable on ESXi:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.old
3. Edit /etc/ssh/sshd_config
vi /etc/ssh/sshd_config
4. Find the following block:
Ciphers [email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-sha1
5. Change to this:
Ciphers [email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
MACs [email protected],[email protected],hmac-sha2-512,hmac-sha2-256
kexalgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
6. Save the file with ":wq" and restart sshd:
systemctl restart sshd