Description |
This article explains how to overcome vulnerabilities related to SSH Weak Message Authentication Code Algorithms. |
Scope |
When doing vulnerability assessments against the FortiGate. For FortiOS version 7.0 and upper. |
Solution |
The vulnerability related to Weak MAC algorithms is resolved by doing the below:
# config system global set ssh-mac-algo <> end
Below algorithms are available:
hmac-sha2-256 hmac-sha2-256-etm@openssh.com hmac-sha2-512 hmac-sha2-512-etm@openssh.com
Specify stronger algorithms specifically to be used. Hence avoiding the possibility of vulnerabilities being detected due to weaker algorithms being used for connections. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.