Command Central 10.5 | Configuring Command Central and Platform Manager | Server System Properties | SSH Connections
 
SSH Connections
com.softwareag.platform.management.client.remoteaccess.allowedkexmethods
Configure for OSGI-CCE. Controls the list and priority of key exchange methods allowed by Command Central for securing remote SSH connections. To modify the default list of key exchange methods and their priority, specify a comma-separated list with the key exchange methods that you want to keep enabled in the required priority order from highest to lowest. Command Central will disable the key exchange methods that are not on the specified list. For example, to enable only the diffie-hellman-group16-sha512 and the diffie-hellman-group18-sha512 key exchange methods and set diffie-hellman-group16-sha512 with a higher priority than diffie-hellman-group18-sha512:
com.softwareag.platform.management.client.remoteaccess.allowedkexmethods=diffie-hellman-group16-sha512,
diffie-hellman-group18-sha512
The following key exchange methods are allowed, but disabled by default, because they are weak and should be enabled only when required by the environment:
*diffie-hellman-group1-sha1
*diffie-hellman-group-exchange-sha1
If you do not specify a list of key exchange methods in the property, Command Central allows only the key exchange methods that are enabled by default in the preset order of priority. Default list (in order of priority, from highest to lowest): diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha1