SSH Weak Algorithms Supported

medium Nessus Plugin ID 90317


The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all.


Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys.


Contact the vendor or consult product documentation to remove the weak ciphers.

See Also

Plugin Details

Severity: Medium

ID: 90317

File Name: ssh_weak_encryption_algorithms.nasl

Version: Revision: 1.3

Type: remote

Family: Misc.

Published: 4/4/2016

Updated: 12/14/2016

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N