
Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

I have a requirement on my IOS router running the latest version of IOS 12.4T.

I want to configure the router so that it only accepts ssh version 2 connections with aes256-cbc hmac-sha1. Every other ssh connection, such as aes192-cbc hmac-sha1 or hmac-md5, will fail.

I can get this to work on a Unix/Linux box in less than 10 seconds. However, I am struggling to get this to work in IOS routers.

Anyone know how to do this? Thanks.

17 REPLIES
Hall of Fame Super Bronze

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

You only have 2 options for SSH server support on IOS, per the documentation:

SSH server and SSH client are supported on DES (56-bit) and 3DES (168-bit) data encryption software images only. In DES software images, DES is the only encryption algorithm available. In 3DES software images, both DES and 3DES encryption algorithms are available.

http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_cfg_secure_shell_ps6350_TSD_Products_Configuration_Guide_Chapter.html

Silver

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

I don't think you're correct. This is what I am getting when I ssh into an IOS 12.4T:

debug1: SSH2_MSG_KEXINIT received

debug1: kex: server->client aes256-cbc hmac-sha1 none

debug1: kex: client->server aes256-cbc hmac-sha1 none

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent

clearly the router is taking AES256-cbc with SHA-1.

But that's not what I am asking. I know that 3DES, AES-128, AES-192 and AES-256 are available on Cisco IOS. The question I am asking is how to make the IOS accept ONLY aes-256 with SHA-1.

Here is the rest of the output:

[Expert@NEO-labgw]# ssh -v -c aes256-cbc -m hmac-sha1 -l cciesec 192.168.15.201

OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

debug1: Rhosts Authentication disabled, originating port will not be trusted.

debug1: Connecting to 192.168.15.201 [192.168.15.201] port 22.

debug1: Connection established.

debug1: identity file /root/.ssh/identity type -1

debug1: identity file /root/.ssh/id_rsa type 1

debug1: identity file /root/.ssh/id_dsa type -1

debug1: Remote protocol version 1.99, remote software version Cisco-1.25

debug1: no match: Cisco-1.25

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: server->client aes256-cbc hmac-sha1 none

debug1: kex: client->server aes256-cbc hmac-sha1 none

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

debug1: Host '192.168.15.201' is known and matches the RSA host key.

debug1: Found key in /root/.ssh/known_hosts:9

debug1: ssh_rsa_verify: signature correct

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: keyboard-interactive,password

debug1: Next authentication method: keyboard-interactive

Password:

debug1: Authentication succeeded (keyboard-interactive).

debug1: channel 0: new [client-session]

debug1: Entering interactive session.

debug1: channel 0: request pty-req

debug1: channel 0: request shell

debug1: channel 0: open confirm rwindow 1024 rmax 4096

R2851-3#sh ver

Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(24)T, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2009 by Cisco Systems, Inc.

Compiled Wed 25-Feb-09 17:55 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T5, RELEASE SOFTWARE (fc1)

R2851-3 uptime is 1 week, 1 day, 23 hours, 24 minutes

System returned to ROM by reload at 15:28:00 gmt Thu Jul 9 2009

System restarted at 15:30:07 gmt Thu Jul 9 2009

System image file is "flash:c2800nm-advipservicesk9-mz.124-24.T.bin"

R2851-3#

Hall of Fame Super Bronze

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

You are right, I wasn't correct since I posted a link that reflects the SSHv1 behavior.

This link

http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_shell_v2_ps6350_TSD_Products_Configuration_Guide_Chapter.html

reflects the SSHv2 behavior and you can't really enforce one type of encryption from the IOS SSH server.

My only suggestion is opening a TAC case and file for an enhancement request.

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

To use only SSH v2, you have to fix the version with the "ip ssh version" configuration command. Without doing it, you can connect with both SSH v1 and v2. SSH v1 uses 3DES while SSH v2 uses AES.

Check this link http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#sshvvs

Silver

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

Again, that is not what I asked. My question is "how can I make the IOS router accept only AES256-cbc with hmac-sha-1". Anything else below aes256-cbc even with hmac-md5 will be rejected.

By the way, what you said about ssh v2 use AES is not completely accurate. ssh version 2 also uses 3DES as well. See below:

[Expert@NEO-labgw]# ssh -v -2 -c 3des -m hmac-sha1 -l cciesec 192.168.15.201

OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

debug1: Rhosts Authentication disabled, originating port will not be trusted.

debug1: Connecting to 192.168.15.201 [192.168.15.201] port 22.

debug1: Connection established.

debug1: identity file /root/.ssh/id_rsa type 1

debug1: identity file /root/.ssh/id_dsa type -1

debug1: Remote protocol version 2.0, remote software version Cisco-1.25

debug1: no match: Cisco-1.25

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: server->client 3des-cbc hmac-sha1 none

debug1: kex: client->server 3des-cbc hmac-sha1 none

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

debug1: Host '192.168.15.201' is known and matches the RSA host key.

debug1: Found key in /root/.ssh/known_hosts:9

debug1: ssh_rsa_verify: signature correct

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: keyboard-interactive,password

debug1: Next authentication method: keyboard-interactive

Password:

R2851-3#sh run | i ip ssh

ip ssh version 2

R2851-3#

[Expert@NEO-labgw]# ssh -v -2 -c 3des -m hmac-sha1 -l root Linux_ultra_Secure

OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

debug1: Rhosts Authentication disabled, originating port will not be trusted.

debug1: Connecting to 192.168.15.228[192.168.15.228] port 22.

debug1: Connection established.

debug1: identity file /root/.ssh/id_rsa type 1

debug1: identity file /root/.ssh/id_dsa type -1

debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3

debug1: match: OpenSSH_4.3 pat OpenSSH*

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

no matching cipher found: client 3des-cbc server aes256-cbc

debug1: Calling cleanup 0x8062370(0x0)

[Expert@NEO-labgw]#
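The two transcripts above show the mechanism behind the whole thread: the router accepts 3des-cbc because 3des-cbc is in the router's KEXINIT name-list, while the OpenSSH_4.3 host refuses it ("no matching cipher found") because its list contains only aes256-cbc. Per RFC 4253 section 7.1 the chosen algorithm is the first entry on the client's list that also appears on the server's list, so the client's order only picks among what the server offers; only the server's list membership can exclude an algorithm. The following Python script is an added example, not code from the thread: it parses a raw SSH2 KEXINIT, applies that negotiation rule, reports anything a server offers outside an allowed set, and can read the real KEXINIT from a live host. The sample router and hardened offers are constructed for illustration (their order and exact membership are not taken from the router on the page), and the probe only reads the unencrypted pre-NEWKEYS packet, so it needs no credentials.

```python
"""Parse, negotiate and audit SSH2 KEXINIT algorithm lists (RFC 4253 s.7.1).

Added example; not from the original thread. Sample offers below are constructed.
"""
import socket
import struct
from typing import Dict, List, Optional, Tuple

SSH_MSG_KEXINIT = 20
# The ten name-lists in a KEXINIT payload, in wire order (RFC 4253, section 7.1).
KEXINIT_FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
                  "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")


def _read_namelist(buf: bytes, off: int) -> Tuple[List[str], int]:
    (length,) = struct.unpack_from(">I", buf, off)
    off += 4
    raw = buf[off:off + length].decode("ascii")
    return [name for name in raw.split(",") if name], off + length


def _write_namelist(names: List[str]) -> bytes:
    raw = ",".join(names).encode("ascii")
    return struct.pack(">I", len(raw)) + raw


def parse_kexinit(payload: bytes) -> Dict[str, List[str]]:
    """payload starts at the message-id byte (20) and ends before the padding."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("payload is not SSH_MSG_KEXINIT")
    off = 1 + 16  # message id, then the 16-byte random cookie
    lists: Dict[str, List[str]] = {}
    for field in KEXINIT_FIELDS:
        lists[field], off = _read_namelist(payload, off)
    return lists


def build_kexinit(lists: Dict[str, List[str]], cookie: bytes = b"\x00" * 16) -> bytes:
    """Inverse of parse_kexinit; used here to construct offline test packets."""
    body = b"".join(_write_namelist(lists.get(f, [])) for f in KEXINIT_FIELDS)
    # first_kex_packet_follows = FALSE, then the reserved uint32 (0)
    return bytes([SSH_MSG_KEXINIT]) + cookie + body + b"\x00" + b"\x00\x00\x00\x00"


def negotiate(client: List[str], server: List[str]) -> Optional[str]:
    """RFC 4253 7.1: first name on the client's list that the server also lists."""
    for name in client:
        if name in server:
            return name
    return None  # what OpenSSH reports as "no matching cipher found"


def audit_offer(lists: Dict[str, List[str]], allowed_enc: List[str],
                allowed_mac: List[str]) -> List[Tuple[str, str]]:
    """Return (field, algorithm) for everything offered outside the allowed sets."""
    bad = []
    for field in ("enc_c2s", "enc_s2c"):
        bad += [(field, a) for a in lists[field] if a not in allowed_enc]
    for field in ("mac_c2s", "mac_s2c"):
        bad += [(field, a) for a in lists[field] if a not in allowed_mac]
    return bad


def fetch_server_kexinit(host: str, port: int = 22, timeout: float = 5.0) -> Dict[str, List[str]]:
    """Read the server's KEXINIT. Before NEWKEYS a packet is just
    uint32 length, byte padding_length, payload, padding (no MAC)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(b"SSH-2.0-kexprobe_0.1\r\n")  # assumed client banner
        f = sock.makefile("rb")
        line = f.readline()
        while line and not line.startswith(b"SSH-"):  # skip pre-banner text lines
            line = f.readline()
        hdr = f.read(5)
        if len(hdr) < 5:
            raise ConnectionError("no KEXINIT packet received")
        packet_length, padding_length = struct.unpack(">IB", hdr)
        payload = f.read(packet_length - padding_length - 1)
        return parse_kexinit(payload)


# Constructed offers (NOT captured from the router on the page).
ROUTER_OFFER = {"kex": ["diffie-hellman-group-exchange-sha1"], "hostkey": ["ssh-rsa"],
                "enc_c2s": ["aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"],
                "enc_s2c": ["aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"],
                "mac_c2s": ["hmac-sha1", "hmac-sha1-96", "hmac-md5", "hmac-md5-96"],
                "mac_s2c": ["hmac-sha1", "hmac-sha1-96", "hmac-md5", "hmac-md5-96"],
                "comp_c2s": ["none"], "comp_s2c": ["none"]}
HARDENED_OFFER = dict(ROUTER_OFFER, enc_c2s=["aes256-cbc"], enc_s2c=["aes256-cbc"],
                      mac_c2s=["hmac-sha1"], mac_s2c=["hmac-sha1"])

if __name__ == "__main__":
    import sys
    offer = fetch_server_kexinit(sys.argv[1]) if len(sys.argv) > 1 else ROUTER_OFFER
    print("server enc (c2s):", offer["enc_c2s"])
    print("3des-cbc client  ->", negotiate(["3des-cbc"], offer["enc_c2s"]))
    print("outside policy   :", audit_offer(offer, ["aes256-cbc"], ["hmac-sha1"]))
```

Run it with a hostname to see what a router really advertises; run it with no argument to exercise the constructed offers. An empty result from audit_offer against the allowed sets is the check that the audit requirement in this thread actually asks for, and it is only ever satisfied by trimming the server's list, not by choosing ciphers on the client.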

New Member

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

I am interested in a definitive answer to this question.

Googling and searching around Cisco.com, it seems that the answer may be: No, SSH in IOS is simply not that configurable. One only gets to choose SSH version and IOS decides what cipher to use.

Is that correct?

New Member

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

I was going to edit the previous post, adding "with hint from the client". But the editor doesn't seem to let me.

bxp
New Member

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

Has anyone found a resolution to this issue? I have been searching everywhere but haven't had any luck. This post is the only place that even mentions trying to accomplish this. I need to complete this to meet a security audit requirement. I am going to open a case with TAC but I wanted to see if anyone had anything pop up since 2008. Thanks in advance.

Steve


Hall of Fame Super Silver

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

Steve

The part about restricting it to only SSH version 2 is easy and is explained in the post from Danilo. I am still not aware of any way to restrict the encryption protocol in IOS. If you do find something from TAC please do post back here with what you find.

HTH

Rick

bxp
New Member

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

This was TACs response to my question:

With regards to your question, this functionality is not yet available on Cisco IOS.

I hope this helps . Please let me know if you still require additional information/assistance or if you will want me to close the ticket.

Looks like it's not an option at the moment. I'm not sure what to bring back to the security people that mentioned we should do this.

Hall of Fame Super Silver

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

Steve

To state the obvious, I would take back to the security people that you have asked Cisco how to do what they are requesting and Cisco has responded that in current code it is not supported. I would perhaps then ask them if they know how to do something that Cisco does not yet know.

HTH

Rick

Bronze

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

They do know the answer: Use Juniper. It has that capability.

New Member

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

It has been almost two years since the last post. I'm running Cisco IOS 15.2 now. But I have the same problem as Steven here.

I used the command "ip ssh version 2" along with the other ip ssh settings.

When trying to do a "copy scp: flash:test" it appears that the Cisco Client tries to use "3des-cbc" instead of "aes-xxxx".

I have also looked to see if I can force it to use "aes-xxxx". No Luck.

Does anyone have any suggestions, other than switching to Juniper which is NOT an option.

New Member

Re: Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS ro

With SSH from client side you can pick the encryption level, it’s weird though that client side dictates the encryption level.

And yes SSH v2 also works with 3des which is quite weak encryption. I’m quite surprised you can't force this on server side.

From client side you can do:

ssh -c aes256-cbc -m hmac-sha1 -l <user> <host>

example

ssh -c aes256-cbc -l admin 192.168.1.1

but

ssh -c 3des -l admin 192.168.1.1 will also work which obviously we dont want. (And 128-cbc and 192-cbc also)

At least you can protect yourself when you login this way.

New Member

Allow only ssh version 2 with aes256-cbc hmac-sha1 to IOS router

Robert I understand that I can specify which cipher to use from the SSH client.

The problem that I am having is that I am trying to securely copy a file from a local host up into the Cisco Router, while being logged into the Cisco Router.

Router(config)# ip ssh version 2

Router(config)# ip scp server enable

Router# copy scp://user@remotehost/file flash:file

When I do this command with Cisco IOS 15.2 it requires that I have 3des-cbc installed on the remotehost in order for the secure copy to proceed.

When I do this command with Cisco IOS 12.4 it works correctly without the 3des-cbc cipher installed on the remotehost.

It appears to me as though the secure copy feature in Cisco IOS 15.x is broken now. It seems that it ignores the ip ssh version 2 specification. Or does this specification only control the ssh session and not the secure copy session?

Cisco Employee

Just for the information:

The option is available in:

Cisco IOS XE Software, Version 03.13.02.S - Extended Support Release
Cisco IOS Software, ASR1000 Software (X86_64_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.4(3)S2, RELEASE SOFTWARE (fc3)

using below CLI :

Router(config)#ip ssh server algorithm mac ?
hmac-sha1 HMAC-SHA1 (digest length = key length = 160 bits)
hmac-sha1-96 HMAC-SHA1-96 (digest length = 96 bits, key length = 160 bits)


Router(config)#ip ssh server algorithm encryption ?
3des-cbc Three-key 3DES in CBC mode
aes128-cbc AES with 128-bit key in CBC mode
aes128-ctr AES with 128-bit key in CTR mode
aes192-cbc AES with 192-bit key in CBC mode
aes192-ctr AES with 192-bit key in CTR mode
aes256-cbc AES with 256-bit key in CBC mode
aes256-ctr AES with 256-bit key in CTR mode

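With the `ip ssh server algorithm` commands shown in that help output, the original request in this thread can be met on the server side. The fragment below is an added example, not configuration from the post: the first block is the permissive state the thread's debug transcripts demonstrate (every listed cipher and MAC accepted), the second is the restricted one. The `ip ssh client algorithm encryption` line (for the router's own SCP client, the 15.2 problem raised above) and the algorithm lines in `show ip ssh` output are assumptions about the same feature set and should be checked against the release's command reference; IOS rejects an attempt to disable the last remaining algorithm, so set the full allowed list in one command rather than removing entries one by one.

```text
! Before: default server offer, as the 12.4T/15.2 transcripts in this thread show.
! Any client-chosen cipher in the list (3des-cbc, aes128-cbc, ...) is accepted.
ip ssh version 2
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr aes128-cbc aes192-cbc aes256-cbc 3des-cbc
ip ssh server algorithm mac hmac-sha1 hmac-sha1-96

! After: only aes256-cbc with hmac-sha1 is offered in KEXINIT, so a client that
! asks for 3des-cbc or hmac-sha1-96 fails key exchange ("no matching cipher found").
ip ssh version 2
ip ssh server algorithm encryption aes256-cbc
ip ssh server algorithm mac hmac-sha1
! Assumed to exist in the same feature set: pin the router's outbound SCP/SSH client too.
ip ssh client algorithm encryption aes256-cbc

! Verify from the router (exact output format is an assumption for this release):
!   show ip ssh | include Algorithms
! Verify from a client; the first must connect, the second must fail before login:
!   ssh -c aes256-cbc -m hmac-sha1 -l admin <router>
!   ssh -c 3des-cbc   -m hmac-sha1 -l admin <router>
```

Keep a second session open while changing the lists: a typo that leaves only an algorithm your management hosts do not support locks you out of SSH until the configuration is corrected from the console.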