Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

SSH version on IDSM

Can I limit the SSH version to 2 on IDSM? I couldn't find any command for that. It looks like it allows both version 1 and 2. I need to limit it to version 2 only.

Thanks.

1 REPLY
Cisco Employee

Re: SSH version on IDSM

Not currently supported.

SSHv2 has not been fully tested and supported for all aspects of the sensor. Some features still require SSHv1.

No mechanisms are in place to limit the sensor to SSHv2 only.

Attempting to limit the sensor to SShv2 will cause problems with the sensor.

There are enhancement requests that have already been made to fully support SSHv2 across all corresponding features of the sensor, and allow disabling of SSHv1.

I can not comment on if or when these requests may be fulfilled.

In the meantime the best protection for your sensor is to limit the access-list to only the specific IP Addresses that require access.

137
Views
5
Helpful
1
Replies
CreatePlease to create content