No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Log Reference

CloudEngine 8800, 7800, 6800, and 5800 V200R005C00

This document provides the explanations, causes, and recommended actions of logs on the product.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
SSH/5/SSHC_INSECURE_LOGIN

SSH/5/SSHC_INSECURE_LOGIN

Message

SSH/5/SSHC_INSECURE_LOGIN: SSH client login is insecure. (ServiceType=[ServiceType], IPAddress=[IPAddress], VPNInstanceName=[VPNInstanceName], Reason=[Reason])

Description

SSH client login is successful with insecure algorithm or smaller key length.

Parameters

Parameter Name Parameter Meaning

ServiceType

Indicates the requested service type of the SSH connection.

IPAddress

Indicates IP address of the server.

VPNInstanceName

Indicates the name of the VPN instance.

Reason

Indicates the reason for insecure login.

Possible Causes

Cause 1:

SSH client connection is established with one of the following insecure cipher algorithms: des_cbc, 3des_cbc, arcfour128, arcfour256, aes128_cbc, aes256_cbc, md5, md5_96, sha1, sha1_96 and sha2_256_96.

Cause 2:

SSH client connection is established with one of the following insecure HMAC algorithms: md5, md5_96, sha1, sha1_96 and sha2_256_96.

Cause 3:

Length of identity key (RSA, DSA) is less than 2048 bits.

Procedure

  1. Cause 1:

    Use secure cipher algorithm to establish the connection like aes128_ctr and aes256_ctr.

  2. Cause 2:

    Use secure HMAC algorithm to establish the connection like sha2_256.

  3. Cause 2:

    Configure identity key (RSA, DSA) with length 2048 bits.

Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100039602

Views: 123739

Downloads: 90

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next