Jump to content
Welcome to our new Citrix community!

how to disable SHA-1 algorithm in SSH , all Netscaler SDX are flagged vulnerable with QID38909(Qualys)


Recommended Posts

hi All , 

 

Does anyone know how to disable old SHA-1 algorithm  that SSH uses on netscaler SDX/SVM ?  following algorithms are tagged as vulnerable on qualys scan QID38909(Qualys) 

hmac-sha1    <<---  OLD
hmac-sha1-96   <<---  OLD

hmac-sha1-etm@openssh.com   <<---  OLD
hmac-sha1-96-etm@openssh.com   <<---  OLD

 

 

bash-3.2# ssh -Q mac
hmac-sha1    <<---  OLD
hmac-sha1-96   <<---  OLD
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
umac-64@openssh.com
umac-128@openssh.com
hmac-sha1-etm@openssh.com   <<---  OLD
hmac-sha1-96-etm@openssh.com   <<---  OLD
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com
bash-3.2#

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...