Thanks a lot, I just execute this all and let you know after scan ,
Original Message:
Sent: 9/14/2023 7:31:00 PM
From: fb35523
Subject: RE: How to fix SSH vulnerability. in Juniper switch
You can tailor your SSH cipher suite like this:
set system services ssh ciphers aes256-ctr
set system services ssh macs hmac-sha2-256
set system services ssh macs hmac-sha2-512
set system services ssh hostkey-algorithm ssh-ed25519
You can add multiple on each type if you have more than one algorithm that you approve of.
Original Message:
Sent: 09-13-2023 01:32
From: Syed Yasir
Subject: How to fix SSH vulnerability. in Juniper switch
Thanks ETH4N3T actually we run a scan after the in few juniper switches EX3400 found SSH vulnerability I try to fix it to modify SSH chippers option to disable but its already showing this and available option is so I little bit confuse how to fix it,
warning: element 'aes128-cbc' not found
aes128-cbc 128-bit AES with Cipher Block Chaining
aes128-ctr 128-bit AES with Counter Mode
aes128-gcm@openssh.com 128-bit AES with Galois/Counter Mode
aes192-cbc 192-bit AES with Cipher Block Chaining
aes192-ctr 192-bit AES with Counter Mode
aes256-cbc 256-bit AES with Cipher Block Chaining
aes256-ctr 256-bit AES with Counter Mode
aes256-gcm@openssh.com 256-bit AES with Galois/Counter Mode
arcfour 128-bit RC4 with Cipher Block Chaining
arcfour128 128-bit RC4 with Cipher Block Chaining
arcfour256 256-bit RC4 with Cipher Block Chaining
blowfish-cbc 128-bit Blowfish with Cipher Block Chaining
cast128-cbc 128-bit CAST with Cipher Block Chaining
chacha20-poly1305@openssh.com ChaCha20 stream cipher and Poly1305 MAC
{master:1}[edit]
------------------------------
Syed Yasir
Original Message:
Sent: 09-12-2023 15:54
From: Ethan Jackson
Subject: How to fix SSH vulnerability. in Juniper switch
Hi Syed,
Can you please provide more information on the SSH vulnerability issue your having so I can try to help and advise?
KR,
Ethan
------------------------------
Ethan Jackson
Original Message:
Sent: 09-12-2023 09:11
From: Syed Yasir
Subject: How to fix SSH vulnerability. in Juniper switch
how to fix SSH vulnerability. which Ciphers need to disable or enable
------------------------------
Syed Yasir
------------------------------