07-31-2015 07:03 AM - edited 03-10-2019 06:25 AM
Hi All
In network audit we have got the below mentioned comment from the auditor for cisco switches. can any one provide solution for the same.
SSH Protocol Version 1 Session Key Retrieval
The remote host is running a Telnet server over an unencrypted channel.
Using Telnet over an unencrypted channel is not recommended as logins, passwords, and commands are transferred in cleartext. This allows a remote, man-in-the-middle attacker to eavesdrop on a Telnet session to
obtain credentials or other sensitive information and to modify traffic exchanged between a client and server.
SSH is preferred over Telnet since it protects credentials from eavesdropping and can tunnel additional data streams such as an X11 session.
Regards
Suneel
Solved! Go to Solution.
07-31-2015 02:51 PM
07-31-2015 02:51 PM
Just setup SSH correctly:
https://supportforums.cisco.com/document/12338141/guide-better-ssh-security
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: