NetWorker: vProxy SSH-RSA Vulnerability (QID-038739/038909)

Summary: Deprecated SSH Cryptographic Settings (QID-038739, QID-038909) Reported by Quays Vulnerability Scanner. A man-in-the-middle attacker may be able to exploit this vulnerability to record the communication to decrypt the session key and even the messages. ...

Affected Products

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Check out other resources

Symptoms

Qualys Security Vulnerability Scanner detects the following vulnerabilities with vProxy.

Associated scanner reported:

QID-038739, QID-038909

Deprecated SSH Cryptographic Settings

Cause

This is Caused by deprecated SSH host-key authentication method as shown below:

sshd -T | egrep -iw "ciphers|kexalorithms|HostKeyAlgorithms"

sshd -T | egrep -iw "ciphers|kexalorithms|HostKeyAlgorithms"

Resolution

Avoid using deprecated cryptographic settings. Use best practices when configuring SSH. The following steps can be done to mitigate the issue.

NOTE: These steps must be performed by the VMware admin or system administrator. NetWorker support should not complete these steps as this is considered for an operating system security change which requires the site administrators to complete.

On the vProxy appliances, perform the following:

1. Update the sshd "hostkeyalgorithms" using the below command:

echo HostKeyAlgorithms "ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519" >> /etc/ssh/sshd_config

2. Confirm the changes:

sshd -T | egrep -iw "ciphers|kexalorithms|HostKeyAlgorithms"

sshd -T | egrep -iw "ciphers|kexalorithms|HostKeyAlgorithms"
3. Restart the sshd service to take effect of the changes by using command below:

systemctl restart sshd

Additional Information

This hyperlink is taking you to a website outside of Dell Technologies.

https://success.qualys.com/support/s/article/000006407

Affected Products

Backup and Recovery Manager NetWorker, NetWorker, NetWorker Module

Article Number: 000220905

Article Type: Solution

Last Modified: 17 آذار 2026

Version: 3

Check if your device is covered by Support Services.

NetWorker: vProxy SSH-RSA Vulnerability (QID-038739/038909)

Summary: Deprecated SSH Cryptographic Settings (QID-038739, QID-038909) Reported by Quays Vulnerability Scanner. A man-in-the-middle attacker may be able to exploit this vulnerability to record the communication to decrypt the session key and even the messages. ...

Symptoms

Cause

Resolution

Additional Info

Affected Products

Symptoms

Cause

Resolution

Additional Information

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

NetWorker: vProxy SSH-RSA Vulnerability (QID-038739/038909)

Summary: Deprecated SSH Cryptographic Settings (QID-038739, QID-038909) Reported by Quays Vulnerability Scanner. A man-in-the-middle attacker may be able to exploit this vulnerability to record the communication to decrypt the session key and even the messages. ... View More View Less

Detailed Article

Symptoms

Cause

Resolution

Additional Info

Affected Products

Symptoms

Cause

Resolution

Additional Information

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

Summary: Deprecated SSH Cryptographic Settings (QID-038739, QID-038909) Reported by Quays Vulnerability Scanner. A man-in-the-middle attacker may be able to exploit this vulnerability to record the communication to decrypt the session key and even the messages. ...