By default, Command Central 10.5 and higher uses strong key exchange methods that meet the current security requirements for SSH connections. Command Central allows the following key exchange methods (listed in order of priority): diffie-hellman-group14-sha256 (highest), diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha1 (lowest).

Only when required by the environment, you can also configure Command Central to allow the following key exchange methods, which are disabled by default, because they are weak:

You can use the com.softwareag.platform.management.client.remoteaccess.allowedkexmethods property to control the list of key exchange methods allowed by Command Central. For details about the property, see SSH Connections.

If the OpenSSH server on the remote machine does not use any of the key exchange methods allowed by Command Central, you can configure the OpenSSH server to use one or more of the allowed methods. For more information, see Configuring an OpenSSH Server to Use the Key-Exchange Methods Allowed by Command Central.