To remove the SHA1 based algorithms and SSH-RSA based keys usage from the SSH service, follow the steps below for VMware Aria Operations for Logs
Quick Links:
VMware Aria Operations for logs 8.12.xVMware Aria Operations for logs 8.14.x
- Log into the Primary node as root via SSH or Console.
- Run the following command to backup the /etc/ssh/sshd_config file:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
- Run the following command to open /etc/ssh/sshd_config in a text editor:
vi /etc/ssh/sshd_config
- Press i to enter insert mode.
- Find the KexAlgorithms line and modify it to match the following:
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
Note: If the line does not exist, add it manually to the end of the file
- Find the MACs line and modify it to match the following:
- At the end of the file, add the following lines:
- Press Esc, then type :wq and press Enter to save and close the file.
- Run the following command to restart the sshd service:
systemctl restart sshd
- Repeats steps 1-9 on all other VMware Aria Operations for Logs nodes.
- Log into the Primary node as root via SSH or Console.
- Run the following command to backup the /etc/ssh/sshd_config file:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
- Run the following command to open /etc/ssh/sshd_config in a text editor:
vi /etc/ssh/sshd_config
- Press i to enter insert mode.
- Find the MACs line and modify it to match the following:
- At the end of the file, add the following line:
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
- Press Esc, then type :wq and press Enter to save and close the file.
- Run the following command to restart the sshd service:
systemctl restart sshd
- Repeats steps 1-8 on all other VMware Aria Operations for Logs nodes.