cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
512
Views
0
Helpful
2
Replies

SSH needed for 2950 (currently running 12.1(11)

peter-net
Level 1
Level 1

I need to harden some cisco 2950 switches by adding SSH to them. The IOS on them currently is 12.1 (11)

Anyone know whether this will support SSH or what the next IOS upgrade should be for us to obtain SSH funtionility (as opposed to telnet)

2 Replies 2

mattcalderon
Level 4
Level 4

It looks as if 12.1(12c)is the first IOS to support it but only if you have an enhanced image (EI)

You may need to upgrade and make sure you have a cryptographic feature set.

http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a0080117169.html

Here is a link on enhanced images vs standard image (SI)

http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a00800b3089.html

From the below guide

"The cryptographic EI provides support for the Secure Shell Protocol (SSP)"

Read the preface of the below guide.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swauthen.html#wp1109671

lamav
Level 8
Level 8

Peter:

you could use the featrure navigator by clicking on the link below:

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

Or you can cut to the chase and just try configuring SSH to see if the switch allows it.

Sample SSH config:

To enable SSH, besides the commands below, the device hostname and ip domain name must be configured.

Router(config)# ip ssh

(enable SSH)

Router(config)# crypto key generate rsa

(generate SSH key pair to support remote SSH access)

HTH

Victor

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco