SSH to Cisco ASA does not support sha1

Answered Question
Dec 2nd, 2016
User Badges:

I have issues connecting with SSH to my Cisco ASA firewall.

My SSH client (osx terminal) complains about sha1 that is the only key exchange hash method that the ASA supports. I cannot find any solution for it on the Cisco-side.


Any ideas?

https://nat0.net/asa-ssh-sha1/


Correct Answer by kaisero about 4 months 3 weeks ago

Unfortunately there is no solution on the asa side at the moment. The only workaround is editing your ssh configuration on the client-side to accept sha1. I think we will see a solution to this in the near future but there is no public visible enhancement request at the moment that I am aware of.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
kaisero Fri, 12/02/2016 - 08:10
User Badges:
  • Silver, 250 points or more

Unfortunately there is no solution on the asa side at the moment. The only workaround is editing your ssh configuration on the client-side to accept sha1. I think we will see a solution to this in the near future but there is no public visible enhancement request at the moment that I am aware of.

Actions

This Discussion