12-08-2009 06:52 AM - last edited on 03-25-2019 04:09 PM by ciscomoderator
I have several of these switches and running (cat4000-k9.8-4-9-GLX.bin) and I'm not able to enable ssh versio2 on them. I even generate the rsa key 1024 but still no luck. Anyone know if these even support ssh version 2 ?
12-08-2009 07:08 AM
WS-C2948G
Is this a 4948G or 2948G?
Reza
12-08-2009 07:10 AM
As stated in message header it is a 2948, part number is WS-C2948G
12-08-2009 08:00 AM
Did you do the command " set ssh mode V2" ? If it takes it then that version supports it . SSH V2 was added in 8.3 so that version should support it .
Out of the cisco doc below.
Utilize SSH encryption in order to provide security for Telnet sessions and other remote connections to the switch. SSH encryption is supported for remote logins to the switch only. You cannot encrypt Telnet sessions that are initiated from the switch. SSH version 1 is supported in CatOS 6.1, and version 2 support was added in CatOS 8.3. SSH version 1 supports the Data Encryption Standard (DES) and Triple-DES (3-DES) encryption methods, and SSH version 2 supports the 3-DES and Advanced Encryption Standard (AES) encryption methods. You can use SSH encryption with RADIUS and TACACS+ authentication. This feature is supported with SSH (k9) images. Refer to How to Configure SSH on Catalyst Switches Running CatOS for details.
set crypto key rsa 1024
In order to disable version 1 fallback and accept version 2 connections, issue this command:
set ssh mode v2
12-08-2009 08:15 AM
SSH version 1 is supported in CatOS 6.1, and version 2 support was added in CatOS 8.3. SSH version 1 supports the Data Encryption Standard (DES) and Triple-DES (3-DES) encryption methods, and SSH version 2 supports the 3-DES and Advanced Encryption Standard (AES) encryption methods. You can use SSH encryption with RADIUS and TACACS+ authentication.
Please note: this information is from the Catalyst 6500 CATOS.
The Release Notes support this information:
The original poster is running Catalyst OS 8.4.x from the 4000 line which may imply that SSHv2 is supported
12-08-2009 08:03 AM
nawas wrote:
I have several of these switches and running (cat4000-k9.8-4-9-GLX.bin) and I'm not able to enable ssh versio2 on them. I even generate the rsa key 1024 but still no luck. Anyone know if these even support ssh version 2 ?
They only support SSH v1. You are running a very old and outdate piece of equipment there
SSH v2 support started with IOS, 12.3(7)T
http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_s6.html#wp1057484
Regards
Edison
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide