Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-72-2384209.1
Update Date:2018-04-11
Keywords:
Solution Type  Problem Resolution Sure

Solution  2384209.1 :   VSM7 - Security scan found unapproved and insecure SSH encryption algorithms, MAC algorithms, and cipher suites are enabled  

Related Items 
    

  • StorageTek Virtual Storage Manager System 7 (VSM7)
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>TAPE>Virtual Tape>SN-TP: VSM7
    •  






In this Document


Symptoms


Changes


Cause


Solution




Applies to:  

StorageTek Virtual Storage Manager System 7 (VSM7) - Version 7.0.0 to 7.1.2 [Release 7.0]
Information in this document applies to any platform.



Symptoms


Security scan found unapproved and insecure SSH encryption algorithms, MAC algorithms, and cipher
suites are enabled


Changes


 none


Cause


The following SSH Encryption Algorithms RC4, RC4-128, and RC4-256
HMAC-MD5, HMAC-MD5-96, HMAC-SHA1-96, HMAC-SHA2-256-96, and HMACSHA2-512-96 are enabled


 


ssh -vvv host_ip to see what Ciphers and MACs the VSM6/7 is allowing


Solution


Log onto both nodes


and vi the file /etc/ssh/sshd_config


sudo bash /etc/ssh/sshd_config


add the following lines to end of file


Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha2-256,hmac-sha2-512,hmac-sha1


save the file :wq!


restart ssh service


sudo svcadm restart ssh


 


This change can be done non disruptive



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback