Weak cipher usage - diffie-hellman-group1-sha1

Hi, One of our customers has reported that in their machine where ES is configured, a scanner identified port 22 to be used by some ES dependent service and that it flagged for using a weak cipher - 'diffie-hellman-group1-sha1'.

Deprecated SSH Cryptographic Settings
Port: 22, Status: Open

QualysGuard - Retail: Type Name key exchange diffie-hellman-group1-sha1

OS : Windows Server 2012
ES version : 5.4.1

I couldn't find the same in my local machine.

Is anyone aware of this case, please share details.


Port 22 is commonly used for SSH, and the message points to that also. This is unrelated to elasticsearch and elasricsearch doesnt depend on an SSH server / service

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.