Disable SSH V1 in AIP-SSM10

Unanswered Question
Mar 11th, 2010

Hi ,

we have AIP-SSM 10 and having lower version of 6.0(5)E2 engine.

To update to the new version we had tried to copy the current config to the remote server using scp. During the process we faced the below error 

AIP-IPS# copy scp://vpsadmin@ current-config
Password: ********
Warning: Copying over the current configuration may leave the box in an unstable state.
Would you like to copy current-config to backup-config before proceeding? [yes]: yes
Protocol major versions differ: 1 vs. 2

My remote server is running on Solaris OS having only SSHv2 supported. More over i could able to find AIP-SSM is running on both SSHv1 & SSHv2.

Could any one help us to solve the problem.

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Panos Kampanakis Thu, 03/11/2010 - 09:42

Disabling sshv1 on the sensor is tracked with bug CSCsk84977.

The workaround to disable it is

Create a service account (if one does not already exist) using the CLI, then log in using that account and enter the following commands:

su -
cd /etc/ssh
cp sshd_config sshd_config.old
sed -r '/^#?Protocol /cProtocol 2' sshd_config.old > sshd_config

## to apply the changes do:
/etc/init.d/cids reboot


I hope it helps.


r.bender Thu, 10/14/2010 - 12:52

I have the same issue but using V7.0(4)E4 on a SSM-10 unit.  Are the commands you specficied the same for this version?


Benjamin Gomez Thu, 10/14/2010 - 16:07

Its the same workaround for all IPS software versions and hardware types.


daphilli Tue, 09/20/2011 - 09:56

Thanks for the help.  However I was able to get it fixed without restarting the entire IPS.

I used VI to edit /etc/ssh/sshd_config   Removed the ,1 from the Protocol line

Then I used the ps -aux | grep ssh to find the process ID of the sshd

Issue kill -HUP

That way only the sshd got restarted.


This Discussion