How to add, delete or modify On-Prem ADM Agent ciphers
Article ID: CTX484586
Updated On:
Description
Provide the steps to modify ciphers used on ADM Agent on prem
Instructions
To remove all the weak DHE ciphers on ADM Agent:- Open an SSH session and modify the file “cipher_settings.conf” located in the '/flash/mpsconfig' directory of the agent and perform masd restart.
- Once the agent comes up after restart, the cipher changes will be reflected in agent. You can add or delete ciphers as needed.
- Command for reset the process running inside ADM Agent
masd restart
- Command to verify the changes after masd restart
bash-3.2# cat cipher_settings.conf
CIPHER_GROUP: None
CIPHER_LIST: ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-RC4-SHA
CIPHER_MODE: CipherSuites
CIPHER_GROUP: None
CIPHER_LIST: ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-RC4-SHA
CIPHER_MODE: CipherSuites
Issue/Introduction
How to modify the ciphers accepted by ADM Agent
Additional Information
Was this article helpful?
Yes
No
Powered by
