跳转到主内容

为管理SVM报告的SSH服务器公共密钥太小漏洞

Views:
5
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core<a>2009年432710</a>
Last Updated:

适用场景

  • ONTAP 9
  • Qualys扫描程序
  • SSH

问题描述

安全扫描程序会为管理SVM中的某个接口标记以下漏洞:
 
SSH Server Public Key Too Small
QID: 38738
 
THREAT:
The SSH protocol (Secure Shell) is a method for secure remote login from one computer to another.
The SSH Server is using a small Public Key.
Best practices require that RSA digital signatures be 2048 or more bits long to provide adequate security.
Key lengths of 1024 are acceptable through 2013, but since 2011 they are considered deprecated.
 
IMPACT:
A man-in-the-middle attacker can exploit this vulnerability to record the communication to decrypt the session key and even the messages
 
SOLUTION:
DSA keys and RSA keys shorter than 2048 bits are considered vulnerable. It is recommended to install a RSA public key length of at least 2048 bits
or greater, or to switch to ECDSA or EdDSA

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.