Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2430
Views
5
Helpful
4
Replies

Enabling SSH on CSS 11500 series

mduhra
Level 1
Level 1

‎01-09-2009 02:42 PM

Hi, I'm trying to convert from Telnet to SSH only. Viewing other posts on NetPro, I'm not really sure if I need to upgrade my License or not. As my show sshd commands are showing output to reflect some sort SSH config. What am I missing here ??

CSS11503# sh ver

Version: sg0810106 (08.10.1.06)

Flash (Locked): 08.10.1.06

Flash (Operational): 08.10.1.06

Type: PRIMARY

Licensed Cmd Set(s): Standard Feature Set

CSS11503# show sshd version

SSHield version 1.6.1, SSH version OpenSSH_3.0.2p1

CSS11503# show sshd config

Sshd Configuration Information:

-------------------------------

Access Restricted: Yes

Maximum Sessions Allowed: 5

Active Sessions: 0

Log Level: warning-4

Listen Socket Count: 1

Listen Port: 22

Listen Address: 0.0.0.0

Server Protocol(s): v1 v2

Server Key Bits: 768

RSA Protocol(SSH1): Enabled

Empty Passwords: Rejected

Keep Alive: Enabled

SSH2 Cipher List: aes128-cbc,3des-cbc,blowfish-cbc, etc...

1. In order to migrate to SSH as the only remote access method do I need to upgrade to the "Enhanced Feature Set" and then get the "Secure Management License" from Cisco or can I skip the Enhanced License and go direct to the Secure License?

2. Or do I just do a "no restrict SSH" ?

3. Are there any SSL keys that need to be generated with the "ssl genrsa" cmd or will the licensing upgrade take of this.

Input greatly appreciated!

Manjit.

Labels:
0 Helpful
4 Replies 4

Gilles Dufour
Cisco Employee
Cisco Employee

‎01-12-2009 12:28 AM

All your questions are answered in the following documents :

"Configuring CSS Remote Access Methods"

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v7.20/configuration/administration/guide/Access.html#wp1105296

Gilles.

Surya ARBY
Level 4
Level 4
In response to Gilles Dufour

‎11-10-2016 04:31 AM

Hello all.

We still have very old CSS boxe, is there any way to retrieve a license for SSH right now ? It's very urgent and licensing@cisco.com didn't reply :(

0 Helpful

osamah_farooqui
Level 1
Level 1
In response to Surya ARBY

‎01-10-2017 05:52 AM

Hi Surya..  Were you able to extract license from an existing CSS to transfer to a different box?

Thanks

0 Helpful

Vern Brinkman
Level 1
Level 1

‎07-13-2015 04:12 PM

you need the ssh license....S11K-SEC2-K9

so you get "SSH Server" when you do show license

 

css# show version
?Version: 				ap0500003 (5.00 Build 3)
?Flash (Locked): 		4.10 Build 33
?Flash (Operational): 	5.00 Build 3
?Type: 					PRIMARY
?Licensed Cmd Set(s):	Standard Feature Set 
						Enhanced Feature Set 
						Proximity Data Base 
						SSH Server
0 Helpful
Customers Also Viewed These Support Documents