
New Member

Disable SSH V1 in AIP-SSM10

Hi,

We have an AIP-SSM 10 running a lower version, 6.0(5)E2 engine.

To update to the new version, we tried to copy the current config to the remote server using scp. During the process we got the error below:

AIP-IPS# copy scp://vpsadmin@192.168.2.1//configuration/cfg current-config
Password: ********
Warning: Copying over the current configuration may leave the box in an unstable state.
Would you like to copy current-config to backup-config before proceeding? [yes]: yes
Protocol major versions differ: 1 vs. 2

My remote server is running Solaris OS, which supports only SSHv2. Moreover, I found that the AIP-SSM is running both SSHv1 and SSHv2.

Could anyone help us solve the problem?

Thanks in advance.

4 REPLIES
Cisco Employee

Re: Disable SSH V1 in AIP-SSM10

Disabling sshv1 on the sensor is tracked with bug CSCsk84977.

The workaround to disable it is:

Create a service account (if one does not already exist) using the CLI, then log in using that account and enter the following commands:

su -
cd /etc/ssh
cp sshd_config sshd_config.old
sed -r '/^#?Protocol /cProtocol 2' sshd_config.old > sshd_config

## to apply the changes do:
/etc/init.d/cids reboot


I hope it helps.

PK

New Member

Re: Disable SSH V1 in AIP-SSM10

I have the same issue but using V7.0(4)E4 on an SSM-10 unit. Are the commands you specified the same for this version?

Thanks.

New Member

Re: Disable SSH V1 in AIP-SSM10

It's the same workaround for all IPS software versions and hardware types.

Cheers.

New Member

Disable SSH V1 in AIP-SSM10

Thanks for the help. However, I was able to get it fixed without restarting the entire IPS.

I used vi to edit /etc/ssh/sshd_config and removed the ,1 from the Protocol line.

Then I used ps -aux | grep ssh to find the process ID of sshd.

Issue kill -HUP

That way only the sshd got restarted.
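
Added example, not part of any post above and not Cisco's code: a check that either workaround really left sshd on protocol 2 only. It reruns the sed edit from the first reply on a constructed sshd_config and classifies the SSH identification string (per RFC 4253, "SSH-1.99-" means v1 and v2 are both accepted); the function names, sample config and banner strings are assumptions made for illustration, and GNU sed is assumed.

```shell
#!/bin/sh
# Print the effective Protocol value. sshd uses the first uncommented
# occurrence of a keyword; "unset" means no active Protocol line exists.
effective_protocol() {
    awk 'tolower($1) == "protocol" { print $2; found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Classify a server identification string (RFC 4253, section 5.1).
classify_banner() {
    case "$1" in
        SSH-2.0-*)  echo "v2-only" ;;
        SSH-1.99-*) echo "v1+v2" ;;
        SSH-1.*)    echo "v1-only" ;;
        *)          echo "unknown" ;;
    esac
}

# Apply the sed edit from the thread, keeping a .old backup, and succeed
# only if the resulting file pins the protocol to exactly "2".
# Caveat shown here: sed replaces existing Protocol lines only, so a file
# with no such line (commented or not) is left unchanged and fails the check.
harden_and_check() {
    cfg=$1
    cp "$cfg" "$cfg.old" || return 1
    sed -r '/^#?Protocol /cProtocol 2' "$cfg.old" > "$cfg" || return 1
    [ "$(effective_protocol "$cfg")" = "2" ]
}

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed sample config, not taken from a real sensor.
    printf '%s\n' 'Port 22' 'Protocol 2,1' 'PermitRootLogin no' > "$dir/sshd_config"
    echo "before: Protocol $(effective_protocol "$dir/sshd_config")"
    if harden_and_check "$dir/sshd_config"; then
        echo "after:  Protocol 2 only"
    else
        echo "after:  edit did not pin Protocol 2"
    fi
    # Constructed banners, as a server would send before and after the change.
    echo "SSH-1.99-OpenSSH_4.3 -> $(classify_banner 'SSH-1.99-OpenSSH_4.3')"
    echo "SSH-2.0-OpenSSH_4.3  -> $(classify_banner 'SSH-2.0-OpenSSH_4.3')"
    rm -rf "$dir"
}
demo
```
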
