Network Management

last person joined: yesterday 

Keep an informative eye on your network with HPE Aruba Networking network management solutions
Back to discussions
Expand all | Collapse all

Airwave SSH Ciphers

This thread has been viewed 8 times

  • 1.  Airwave SSH Ciphers

    EMPLOYEE
    Posted Jun 05, 2017 10:37 AM

    I am following up with a customer after they had a security audit regarding SSH Ciphers on Airwave.

     

    I found the following article showing me how to disable obsolete ciphers: https://community.arubanetworks.com/t5/Monitoring-Management-Location/How-to-disable-obsolete-SSH-cipher-MAC-algorithms/ta-p/292311

     

    HOWEVER, with Airwave 8.2.4 code, we now have a limited menu and I can't seem to get CLI access to AMP to follow the article above.

     

    Could someone please advise how to get CLI access or inform me what SSH ciphers are currently enabled with AMP 8.2.4?

     

    Thanks in advance!



  • 2.  RE: Airwave SSH Ciphers

    EMPLOYEE
    Posted Jun 05, 2017 11:22 AM

    Hi

     

    Please check below link which explain in detail about SSH Ciphers

    https://community.arubanetworks.com/t5/Wireless-Access/SSH-and-AES-CBC/td-p/248919

     

    If still dont want to see those ciphers, open TAC ticket.

     

    Regards,

    Pavan

    If my post addresses, your query give kudos:)



  • 3.  RE: Airwave SSH Ciphers
    Best Answer

    EMPLOYEE
    Posted Jun 05, 2017 12:43 PM

    The 8.2.4 ciphers should not need to be updated as the defaults comply with the notice of obsolete encryptions.

    Here's the list of ciphers we're using in 8.2.4:

     

    # cat /etc/ssh/sshd_config

    ...

    Ciphers aes128-cbc,aes192-cbc,aes256-cbc
    MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512
    KexAlgorithms diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384
    ServerKeyBits 2048

    ...

     

    Hope this helps.