SSH version on IDSM

Unanswered Question
Feb 16th, 2009

Can I limit the SSH version to 2 on IDSM? I couldn't find any command for that. It looks like it allows both version 1 and 2. I need to limit it to version 2 only.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
marcabal Mon, 02/16/2009 - 14:21

Not currently supported.

SSHv2 has not been fully tested and supported for all aspects of the sensor. Some features still require SSHv1.

No mechanisms are in place to limit the sensor to SSHv2 only.

Attempting to limit the sensor to SShv2 will cause problems with the sensor.

There are enhancement requests that have already been made to fully support SSHv2 across all corresponding features of the sensor, and allow disabling of SSHv1.

I can not comment on if or when these requests may be fulfilled.

In the meantime the best protection for your sensor is to limit the access-list to only the specific IP Addresses that require access.


This Discussion