SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  cryptographic algorithm SSH Juniper SRX3400

    Posted 02-21-2016 17:52

    Hello,

     

    My customer has a question about SSH on the Juniper SRX3400.

     

    "Guidance for cryptographic algorithm and key lengths when performing remote management of network devices, (e.g., transition to 2048-bit DH modulus for SSH key agreement and 2048-bit RSA certificates for SSH authentication)."

     

    I have not found documentation about it. Does anyone have information about it?

     

    Thanks.



  • 2.  RE: cryptographic algorithm SSH Juniper SRX3400
    Best Answer

    Posted 02-21-2016 22:23

    Hi Abdul Rochim,

     

    You can find some notes here, and you can configure the 2048-bit DH modulus for SSH key agreement (dh-group14-sha1) using the following command:

     

    #set system services ssh key-exchange dh-group14-sha1

     

    Also, don't forget to configure SSH v2 and block root login (after you create another administrator user to log in with):

     

    #set system services ssh protocol-version v2

    #set system services ssh root-login deny

     

    There is this book on hardening JunOS devices (Edited: You'll find on page 73 the FIPS certified ciphers and MACs you should use).
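
A small audit of the three SSH settings named in the answer above, run over `show configuration | display set` output. This is an added example, not part of the original posts; the function names and both sample configurations are constructed for illustration, and the check for `dh-group1-sha1` (the 1024-bit group) is an addition not mentioned in the thread.

```python
STANZA = "system services ssh"

def parse_ssh_settings(display_set_text):
    settings, inactive = {}, set()
    for raw in display_set_text.splitlines():
        verb, _, rest = raw.strip().partition(" ")
        if (verb not in ("set", "deactivate")
                or not (rest + " ").startswith(STANZA + " ")):
            continue
        parts = rest[len(STANZA):].split()
        if verb == "deactivate":
            # A deactivated statement stays in the config but has no effect.
            inactive.add(parts[0] if parts else "*")
        elif parts:
            settings.setdefault(parts[0], set()).update(parts[1:])
    if "*" in inactive:
        return {}
    return {k: v for k, v in settings.items() if k not in inactive}

def audit_ssh(display_set_text):
    """Return a list of findings; an empty list means all checks pass."""
    ssh = parse_ssh_settings(display_set_text)
    findings = []
    kex = ssh.get("key-exchange", set())
    if "dh-group14-sha1" not in kex:
        findings.append("key-exchange: dh-group14-sha1 not configured")
    if "dh-group1-sha1" in kex:
        findings.append("key-exchange: dh-group1-sha1 (1024-bit) allowed")
    if ssh.get("protocol-version", set()) != {"v2"}:
        findings.append("protocol-version: not restricted to v2")
    if ssh.get("root-login", set()) != {"deny"}:
        findings.append("root-login: not set to deny")
    return findings

# Constructed sample configurations (not taken from a real device).
HARDENED = """\
set system host-name lab-srx
set system services ssh root-login deny
set system services ssh protocol-version v2
set system services ssh key-exchange dh-group14-sha1
"""
WEAK = """\
set system services ssh protocol-version v1
set system services ssh protocol-version v2
set system services ssh key-exchange dh-group1-sha1
set system services ssh root-login allow
"""

if __name__ == "__main__":
    print("weak:", audit_ssh(WEAK), "hardened:", audit_ssh(HARDENED))
```

A statement that is present but deactivated is reported as missing, since it has no effect on the running SSH service.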