WS-C2948G and ssh version 2

Unanswered Question
Dec 8th, 2009
User Badges:

I have several of these switches and running (cat4000-k9.8-4-9-GLX.bin) and I'm not able to enable ssh versio2 on them. I even generate the rsa key 1024 but still no luck. Anyone know if these even support ssh version 2 ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Reza Sharifi Tue, 12/08/2009 - 07:08
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

WS-C2948G


Is this a 4948G or 2948G?


Reza

nawas Tue, 12/08/2009 - 07:10
User Badges:

As stated in message header it is a 2948, part number is WS-C2948G

Edison Ortiz Tue, 12/08/2009 - 08:03
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

nawas wrote:


I have several of these switches and running (cat4000-k9.8-4-9-GLX.bin) and I'm not able to enable ssh versio2 on them. I even generate the rsa key 1024 but still no luck. Anyone know if these even support ssh version 2 ?


They only support SSH v1. You are running a very old and outdate piece of equipment there


SSH v2 support started with IOS, 12.3(7)T


http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_s6.html#wp1057484


Regards


Edison

glen.grant Tue, 12/08/2009 - 08:00
User Badges:
  • Purple, 4500 points or more

  Did you do the command " set ssh mode V2"   ?   If it takes it then that version supports it .  SSH V2 was added in 8.3   so that version should support it .

Out of the cisco doc below.


Secure Shell

Utilize SSH encryption in order to provide security for Telnet sessions       and other remote connections to the switch. SSH encryption is supported for       remote logins to the switch only. You cannot encrypt Telnet sessions that are       initiated from the switch. SSH version 1 is supported in CatOS 6.1, and version       2 support was added in CatOS 8.3. SSH version 1 supports the Data Encryption       Standard (DES) and Triple-DES (3-DES) encryption methods, and SSH version 2       supports the 3-DES and Advanced Encryption Standard (AES) encryption methods.       You can use SSH encryption with RADIUS and TACACS+ authentication. This feature       is supported with SSH (k9) images. Refer to       How       to Configure SSH on Catalyst Switches Running CatOS for details.

set crypto key rsa 1024

In order to disable version 1 fallback and accept version 2       connections, issue this command:

set ssh mode v2

Edison Ortiz Tue, 12/08/2009 - 08:15
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

SSH version 1 is supported in CatOS 6.1, and version       2 support was added in CatOS 8.3. SSH version 1 supports the Data Encryption       Standard (DES) and Triple-DES (3-DES) encryption methods, and SSH version 2       supports the 3-DES and Advanced Encryption Standard (AES) encryption methods.       You can use SSH encryption with RADIUS and TACACS+ authentication.


Please note: this information is from the Catalyst 6500 CATOS.


The Release Notes support this information:


http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/system/release/notes/OL_4498.html#wp502670


The original poster is running Catalyst OS 8.4.x from the 4000 line which may imply that SSHv2 is supported

Actions

This Discussion