This portal is to open public enhancement requests against IBM System Storage products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
See this idea on ideas.ibm.com
We've been chatting to support desk about the support for disabling/excluding specific cipher suites for SSH. As geographical perspectives (and thus necessities) could potentially differ from one another, we'd like to opt for a feature request, for the ability to manually define which cipher suites are enabled, or rather disabled, for SSH.
The issue that we were discussing about in our support case:
We’ve been using the ssh-audit tool, which made us consider excluding some specific cipher suites for SSH. These related sources might be of interest to check out for yourselves:
Curve25519: https://en.wikipedia.org/wiki/Curve25519
Nothing-up-my-sleeve number: https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number
Would you mind taking a look? It’d be great if you could check them out and see if this might be something worth considering on your end too. Of course, if you think this might be an issue that could potentially relate to other customers, this could help us all.
Also, is there an officially supported way for us to manually disable or exclude certain ciphers? We’re obviously only looking for officially endorsed methods when changing any settings in this regard. This could also be useful for future reference.
Thanks for your help so far, and looking forward to your thoughts!
Idea priority | Low |
By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.
Thank you for submitting this enhancement request. We will consider this request for future implementation as we continue to evaluate the best way to keep clients secure in this environment.
We appreciate your input and hope that you will continue to submit enhancement requests.
Thanks,
FlashSystem Team
philipclark@ibm.com