Deprecated SSH Cryptographic Settings in Service Processor: key exchange diffie-hellman-group1-sha1
Applies to
- ONTAP 9
- Data ONTAP 8
- Data ONTAP operating in 7-Mode
- Service Processor
Issue
- Penetration testing tool or security software audit could report a vulnerability on the Service Processor IP address as supporting deprecated SSH Cryptographic Settings, such as
diffie-hellman-group1-sha1
. - A more generic alert such as
ssh-weak-kex-algorithms
orSSH Weak key Exchange Algorithms Enable
could also be reported.