SSH2 - alert I need help with...

To: ietf-ssh%netbsd.org@localhost
Subject: SSH2 - alert I need help with...
From: Rich Genail <genail%us.ibm.com@localhost>
Date: Tue, 15 May 2007 00:45:56 -0500

Vulnerability : SSH2 Algorithm Negotiation Enumeration
Additional description : SSH Server Key Exchange Init Enumeration Key Exchange diffie-hellman-group-exchange-sha256 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1 Server Host Key ssh-rsa ssh-dss Client to Server Encryption aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc%lysator.liu.se@localhost aes128-ctr aes192-ctr aes256-ctr Server to Client Encryption aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc%lysator.liu.se@localhost aes128-ctr aes192-ctr aes256-ctr Client to Server MAC hmac-md5 hmac-sha1 hmac-ripemd160 hmac-ripemd160%openssh.com@localhost hmac-sha1-96 hmac-md5-96 Server t

I received this alert some time ago. I have not been able to figure out how to get our scans to clear this alert. I have been told to verify or eliminate all weak encryptions. I can not figure out how to accomplish this. Can anyone offer a suggestion or explain to me what I need to do. I am not that familiar with ssh encryption, just basic concepts. I am running OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007. I thought upgrading to latest version would resolve the problem, but nooooooo.

Help! Going nuts. Throw a lifesaver! Going dowwn....

Rich

genail%us.ibm.com@localhost

Prev by Date: Re: Clarifications to RFC 4255 ?
Next by Date: is this "broken"?
Previous by Thread: Clarifications to RFC 4255 ?
Next by Thread: is this "broken"?
Indexes:

Home | Main Index | Thread Index | Old Index