TABLE OF CONTENTS

  • Product Details
  • Issue/ Problem
  • Impact
  • Solution
  • Best Practice
  • Summary


Product : Zscaler Private Access (ZPA) App Connector

Component : Zscaler Client App

Version : 2.8.17  Build No. : 152.2



Issue/ Problem :


After a vulnerability scan, the customer requested that SHA-1 be disabled and SHA-2 be enabled on the App Connector VM.


Impact :

No impact on service. Security is increased because SHA-2 is used.


Solution : 

Step 1:


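Open the file below and uncomment the CRYPTO_POLICY line. With the variable set to an empty value, sshd opts out of the system-wide crypto policy, so the algorithm lists in sshd_config are used.


vi /etc/sysconfig/sshd


Uncomment


CRYPTO_POLICY=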


Step 2:


Open the file below and append the following lines at the end of the file


vi /etc/ssh/sshd_config


KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256


Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr


MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com


Step 3:


systemctl restart sshd


sudo ssh -Q key

sudo sshd -t


Summary : 

Apply this method only if the customer requests remediation of the SHA-1 ciphers after a vulnerability scan.