Using Telnet for remote administration of Cisco Routers and Switches (infact for any other device like a unix,linux or a solaris seerver) is not very secure as the data including the passwords are sent in clear text.
Symptom: SSH servers on Cisco Nexus 5k devices may be flagged by security scanners due to the inclusion of the weak ciphers, HMACs and Key Exchange (KEX) algorithms. There is no way to modify the ssh server settings to enable or disable certain ciphers or protocols. Conditions: This issue applies specifically to Nexus 5500 Platform Switches, Nexus 5600 Platform Switches and Nexus 6000 Series Switches with ssh server enabled for CLI access.
Aug 03, 2015 · We present a tool to identify whether an SSH server configuration permits the use of a weak DH key exchange group. To determine whether an SSH client is able to exchange a key using a weak DH group, our tool attempts to connect to the server with specific client configurations.
Sep 14, 2017 · (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm `- [warn] using small 1024-bit modulus `- [warn] using weak random number generator could reveal the key
Sep 03, 2020 · * Running SSH service * Insecure key exchange algorithms in use: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 Attached Thumbnails Last edited by James0806; 09-03-2020 at 10:07 AM .
OpenSSH server supports various authentication. It is recommended that you use public key based authentication. First, create the key pair using following ssh-keygen command on your local desktop/laptop: DSA and RSA 1024 bit or lower ssh keys are considered weak.