How to address the Qualys vulnerability SSH server public key too small for NetApp FAS and AFF SANs.

First, you need to see the current security configuration by this command.

Security config show

Now enable the flips by this command & accept x3 prompts.

Security config modify -interface SSL -is-fips-enabled true

Now Run the security config show &you will see that both nodes need to be rebooted.

To do this in a cluster, the easiest way is to open NetApp OnCommand Manager & log in. Next, go to High Availability found under Cluster Settings. By selecting the option under node 1 to take over node 2, reboot node 2 first.

Click on Take Over.

The reboot has started.

Node 2 is offline during reboot.

Do not click on Give back. Wait

Now, Node 2 is online after a while after reboot. Re-homing interfaces can by going to Network, then interfaces & then Send to home.

For Node 1 we will repeat the same process but we will select node 2 and take over node 1

Click Take over as before.


This time, node 1 goes offline

Wait until the “Nodes can take over” message appears.

Check by security config to show if a reboot is still needed, else it’s perfect now.

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter Captcha Here :