Security

 View Only
last person joined: yesterday 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.
Expand all | Collapse all

SSH Weak Key Exchange Algorithms Enabled on port 830/tcp and port 22/tcp

  • 1.  SSH Weak Key Exchange Algorithms Enabled on port 830/tcp and port 22/tcp

    Posted 02-03-2022 10:45
    Hello all,
    please help! i have a couple of juniper devices EX2200, SRX550, EX4200 who have the vulnerability  :The remote SSH server is configured to allow weak key exchange algorithms.
    How can I  fix this ?

    Thanks

    ------------------------------
    DIEUDONNE LEUMALEU FEUDE
    ------------------------------


  • 2.  RE: SSH Weak Key Exchange Algorithms Enabled on port 830/tcp and port 22/tcp

    Posted 02-04-2022 11:52
    Hello,

    Generally speaking, running the latest versions of Junos will guarantee that you don't have weak ciphers being used by default.

    Since those are older pieces of hardware, you may be limited in what you can upgrade to.

    To modify what ciphers are in use, you can modify the configuration under:
    [system services ssh ciphers]



    ------------------------------
    Craig Dods
    ------------------------------