WS-C2948G and ssh version 2

Unanswered Question
Dec 8th, 2009

I have several of these switches and running (cat4000-k9.8-4-9-GLX.bin) and I'm not able to enable ssh versio2 on them. I even generate the rsa key 1024 but still no luck. Anyone know if these even support ssh version 2 ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
nawas Tue, 12/08/2009 - 07:10

As stated in message header it is a 2948, part number is WS-C2948G

Edison Ortiz Tue, 12/08/2009 - 08:03

nawas wrote:

I have several of these switches and running (cat4000-k9.8-4-9-GLX.bin) and I'm not able to enable ssh versio2 on them. I even generate the rsa key 1024 but still no luck. Anyone know if these even support ssh version 2 ?

They only support SSH v1. You are running a very old and outdate piece of equipment there

SSH v2 support started with IOS, 12.3(7)T

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_s6.html#wp1057484

Regards

Edison

glen.grant Tue, 12/08/2009 - 08:00

  Did you do the command " set ssh mode V2"   ?   If it takes it then that version supports it .  SSH V2 was added in 8.3   so that version should support it .

Out of the cisco doc below.

Secure Shell

Utilize SSH encryption in order to provide security for Telnet sessions       and other remote connections to the switch. SSH encryption is supported for       remote logins to the switch only. You cannot encrypt Telnet sessions that are       initiated from the switch. SSH version 1 is supported in CatOS 6.1, and version       2 support was added in CatOS 8.3. SSH version 1 supports the Data Encryption       Standard (DES) and Triple-DES (3-DES) encryption methods, and SSH version 2       supports the 3-DES and Advanced Encryption Standard (AES) encryption methods.       You can use SSH encryption with RADIUS and TACACS+ authentication. This feature       is supported with SSH (k9) images. Refer to       How       to Configure SSH on Catalyst Switches Running CatOS for details.

set crypto key rsa 1024

In order to disable version 1 fallback and accept version 2       connections, issue this command:

set ssh mode v2

Edison Ortiz Tue, 12/08/2009 - 08:15

SSH version 1 is supported in CatOS 6.1, and version       2 support was added in CatOS 8.3. SSH version 1 supports the Data Encryption       Standard (DES) and Triple-DES (3-DES) encryption methods, and SSH version 2       supports the 3-DES and Advanced Encryption Standard (AES) encryption methods.       You can use SSH encryption with RADIUS and TACACS+ authentication.

Please note: this information is from the Catalyst 6500 CATOS.

The Release Notes support this information:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/system/release/notes/OL_4498.html#wp502670

The original poster is running Catalyst OS 8.4.x from the 4000 line which may imply that SSHv2 is supported

Actions

This Discussion