SSH needed for 2950 (currently running 12.1(11)

Unanswered Question
Apr 2nd, 2008
User Badges:

I need to harden some cisco 2950 switches by adding SSH to them. The IOS on them currently is 12.1 (11)

Anyone know whether this will support SSH or what the next IOS upgrade should be for us to obtain SSH funtionility (as opposed to telnet)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mattcalderon Wed, 04/02/2008 - 09:02
User Badges:
  • Silver, 250 points or more

It looks as if 12.1(12c)is the first IOS to support it but only if you have an enhanced image (EI)


You may need to upgrade and make sure you have a cryptographic feature set.


http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a0080117169.html


Here is a link on enhanced images vs standard image (SI)


http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a00800b3089.html


From the below guide


"The cryptographic EI provides support for the Secure Shell Protocol (SSP)"


Read the preface of the below guide.


http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swauthen.html#wp1109671

lamav Wed, 04/02/2008 - 09:05
User Badges:
  • Blue, 1500 points or more

Peter:


you could use the featrure navigator by clicking on the link below:


http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp


Or you can cut to the chase and just try configuring SSH to see if the switch allows it.


Sample SSH config:


To enable SSH, besides the commands below, the device hostname and ip domain name must be configured.


Router(config)# ip ssh

(enable SSH)


Router(config)# crypto key generate rsa

(generate SSH key pair to support remote SSH access)


HTH


Victor


Actions

This Discussion