SL3000 - Reporting Weak Algorithms Supported in ssh, the Remote SSH Server is Configured to Allow Weak Encryption Algorithms or no Algorithm at All
(Doc ID 2498960.1)
Last updated on MARCH 13, 2024
Applies to:
Sun StorageTek SL3000 Modular Library System - Version Not Applicable and laterInformation in this document applies to any platform.
Symptoms
Reporting weak algorithms supported in ssh.
Security team has scanned our sl3000 and its reporting weak algorithms supported Plugin Output:
"The following weak server-to-client encryption algorithms are supported :
arcfour
arcfour128
arcfour256"
"The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all."
The oracle FE applied the latest code, but the issue still remains. We are seeing 3 different "findings" for this as follows.
- "Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption."
- "Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms."
- "Contact the vendor or consult product documentation to remove the weak ciphers."
The scan reported this..
Plugin Output:
The following client-to-server Cipher Block Chaining (CBC) algorithms are supported :
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc
cast128-cbc
"Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption."
---------------------------------------------------------------------
Plugin Output:
The following client-to-server Message Authentication Code (MAC) algorithms are supported :
hmac-md5
hmac-md5-96
hmac-sha1-96
Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
---------------------------------------------------------------------
Plugin Output:
The following weak server-to-client encryption algorithms are supported :
arcfour
arcfour128
arcfour256
"Contact the vendor or consult product documentation to remove the weak ciphers."
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |