• November 25, 2020, 02:31:44 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: SSH Public keys regenerate  (Read 2019 times)

0 Members and 1 Guest are viewing this topic.

Offline kevins

  • Rookie
  • **
  • Posts: 5
SSH Public keys regenerate
« on: July 17, 2015, 12:02:10 PM »
I have a couple of ERS5698TFD switches with SW:v6.2.5.027

yes the code is a little bit old and will be updating it soon.

I had an internal Pen test and they highlighted that the switches are accepting a publicly known static SSH private key for authentication, which allows access to the switches, the switches have a close to default setup.

Anyone got any ideas how I can Remove the vulnerable public keys from the switches, or would "ssh dsa-host-key" regenerate the keys?

Any pointers would be good thanks in advance.

Offline Dominik

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1564
    • Networkautobahn
Re: SSH Public keys regenerate
« Reply #1 on: July 20, 2015, 05:22:12 AM »
The ssh dsa-host-key command should generate a new host key. If there is a bug how the key is generated I would suggest that you need to do an SW update.

Itīs always the networks fault!