+x herry21 - 9/13/2021 3:06:12 AM+x herry21 - 9/13/2021 3:05:10 AM+x Technical Support Group (TSG) - 9/10/2021 3:40:37 PM+x herry21 - 9/10/2021 8:06:01 AMHi,Due to infosec team found that Diffie Helman as a Vulnerability, we are required to disable it on fortress ssh server. How can we do it?Regards,Hello,You can configure the server algorithms using the Local FortressSSH Configuration program. Under the General Settings branch there is a page for each configurable option of the ssh protocol: Cipher; Compression; Host Key; Key Exchange; and MAC. On the Key Exchange branch you can uncheck any algorithm that you do not want allowed. If you do not have the Key Exchange branch, you should update to the latest build at www.pragmasys.com/ssh-server/download.Hi,We already upgrade the software, then uncheck any algorithm we don't want.But after login to the server using ssh, and perform query using "ssh -Q kex", the algorithm still there, even after restarting the fortress services.How to make sure that clients are not allowed to use the algorithm?Thank you,HeriWe need to disable diffie-hellman-group-sha1
+x herry21 - 9/13/2021 3:05:10 AM+x Technical Support Group (TSG) - 9/10/2021 3:40:37 PM+x herry21 - 9/10/2021 8:06:01 AMHi,Due to infosec team found that Diffie Helman as a Vulnerability, we are required to disable it on fortress ssh server. How can we do it?Regards,Hello,You can configure the server algorithms using the Local FortressSSH Configuration program. Under the General Settings branch there is a page for each configurable option of the ssh protocol: Cipher; Compression; Host Key; Key Exchange; and MAC. On the Key Exchange branch you can uncheck any algorithm that you do not want allowed. If you do not have the Key Exchange branch, you should update to the latest build at www.pragmasys.com/ssh-server/download.Hi,We already upgrade the software, then uncheck any algorithm we don't want.But after login to the server using ssh, and perform query using "ssh -Q kex", the algorithm still there, even after restarting the fortress services.How to make sure that clients are not allowed to use the algorithm?Thank you,Heri
+x Technical Support Group (TSG) - 9/10/2021 3:40:37 PM+x herry21 - 9/10/2021 8:06:01 AMHi,Due to infosec team found that Diffie Helman as a Vulnerability, we are required to disable it on fortress ssh server. How can we do it?Regards,Hello,You can configure the server algorithms using the Local FortressSSH Configuration program. Under the General Settings branch there is a page for each configurable option of the ssh protocol: Cipher; Compression; Host Key; Key Exchange; and MAC. On the Key Exchange branch you can uncheck any algorithm that you do not want allowed. If you do not have the Key Exchange branch, you should update to the latest build at www.pragmasys.com/ssh-server/download.
+x herry21 - 9/10/2021 8:06:01 AMHi,Due to infosec team found that Diffie Helman as a Vulnerability, we are required to disable it on fortress ssh server. How can we do it?Regards,