I try to harden the security of my Aruba 2930F switch by disabling SHA-1 and enabling SHA-256.
SW01(config)# password non-plaintext-sha256
SW01(config)# password manager user-name admin sha256 [PASSWORD-STR]
When I try to logon from the client machine running Linux with OpenSSH legacy SHA-1 deactivated, I get:
$ ssh email@example.com
Unable to negotiate with 10.0.16.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1
I did follow the ArubaOS Hardening Guide here but I may had missed something.
the first command is for store password on the switch..
the hardening guide is for Aruba OS Mobility Controller
I not sure it is is possible to change the cipher for SSH on ArubaOS switch...
HW HPE 2530-48 ver YB.16.10.0010
ArubaOS-Switch Hardening Guide for 16.06.pdf p19 shown I can create a user with sha256switch(config)# password manager user-name localadmin sha256 95d30169a59c418b52013315fc81bc99fdf0a7b03a116f346ab628496f349ed5
but I can't find sha256, only sha1 in my switch
# password manager user-name adminaging-period Configures the password aging time for a user.clear-history-record Clears the history of the password for a user.min-pwd-length Configures the minimum password length for a user.plaintext Enter a plaintext password.sha1 Enter a SHA-1 password hash.
How to enable user sha256It is easy to decrypt sha1
Hi! have you tried to first enable password storage as encrypted using SHA-256 through the command password non-plaintext-sha256 ? Me too haven't found the sha256 option.
There is no "password non-plaintext-sha256" command
HP-2530-24(config)# password non-plaintext-sha256Invalid input: non-plaintext-sha256
SW01(config)# password non-plaintext-sha256SW01(config)# password manager user-name admin sha256 [PASSWORD-STR]
$ ssh firstname.lastname@example.orgUnable to negotiate with 10.0.16.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.