Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSH needed for 2950 (currently running 12.1(11)

I need to harden some cisco 2950 switches by adding SSH to them. The IOS on them currently is 12.1 (11)

Anyone know whether this will support SSH or what the next IOS upgrade should be for us to obtain SSH funtionility (as opposed to telnet)

2 REPLIES

Re: SSH needed for 2950 (currently running 12.1(11)

It looks as if 12.1(12c)is the first IOS to support it but only if you have an enhanced image (EI)

You may need to upgrade and make sure you have a cryptographic feature set.

http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a0080117169.html

Here is a link on enhanced images vs standard image (SI)

http://www.cisco.com/en/US/products/hw/switches/ps628/prod_bulletin09186a00800b3089.html

From the below guide

"The cryptographic EI provides support for the Secure Shell Protocol (SSP)"

Read the preface of the below guide.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swauthen.html#wp1109671

Blue

Re: SSH needed for 2950 (currently running 12.1(11)

Peter:

you could use the featrure navigator by clicking on the link below:

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

Or you can cut to the chase and just try configuring SSH to see if the switch allows it.

Sample SSH config:

To enable SSH, besides the commands below, the device hostname and ip domain name must be configured.

Router(config)# ip ssh

(enable SSH)

Router(config)# crypto key generate rsa

(generate SSH key pair to support remote SSH access)

HTH

Victor

262
Views
0
Helpful
2
Replies