By default, NetApp keep enabled SSH ciphers which are obsoletes (which should not be used at least). The following procedure has been realized on an AFF-A300
The ciphers I’m talking about are the cbc ones (aes256-cbc, aes192-cbc, aes128-cbc, 3des-cbc) and here is how to proceed :
First of all, connect to your NetApp via SSH, then you will have to set the advanced privilege mode
And finish by removing all the cipers you want to disable with the command « security ssh remove -ciphers xxxx »
Then you can check the ciphers enabled with the command « security ssh show » :
