SSH needed for 2950 (currently running 12.1(11)

Unanswered Question
Apr 2nd, 2008

I need to harden some cisco 2950 switches by adding SSH to them. The IOS on them currently is 12.1 (11)

Anyone know whether this will support SSH or what the next IOS upgrade should be for us to obtain SSH funtionility (as opposed to telnet)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mattcalderon Wed, 04/02/2008 - 09:02

It looks as if 12.1(12c)is the first IOS to support it but only if you have an enhanced image (EI)

You may need to upgrade and make sure you have a cryptographic feature set.

http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a0080117169.html

Here is a link on enhanced images vs standard image (SI)

http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a00800b3089.html

From the below guide

"The cryptographic EI provides support for the Secure Shell Protocol (SSP)"

Read the preface of the below guide.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swauthen.html#wp1109671

lamav Wed, 04/02/2008 - 09:05

Peter:

you could use the featrure navigator by clicking on the link below:

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

Or you can cut to the chase and just try configuring SSH to see if the switch allows it.

Sample SSH config:

To enable SSH, besides the commands below, the device hostname and ip domain name must be configured.

Router(config)# ip ssh

(enable SSH)

Router(config)# crypto key generate rsa

(generate SSH key pair to support remote SSH access)

HTH

Victor

Actions

This Discussion