MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.
Solved
SHH problem
Posted on 2007-12-04
Hi everybody! I have a new cisco catalyst 2950 switch. I have upgraded
today the IOS to support encryption and also I have enabled the SSH
server on the switch.
#configure terminal
#hostname switch
#ip domain name sky.com
#crypto key generate rsa
I'm trying to get connected to the switch using
SSH Tera Pro clent. But when I'm promped for authentication I cannot
figure out what are the default username and password. If there is one?
I have created username test with password test.
#username test privilege 15 password test
Doesn't work to me again. Probabbly I'm doing something wrong.
Anybody has an idea?
This is after #debug ip ssh
20:15:30: SSH2 0: input: padlen 11
20:15:30: SSH2 0: received packet type 50
20:15:30: SSH2 0: send: len 24 (includes padlen 5)
20:15:30: SSH2 0: done calc MAC out #6
20:15:30: SSH2 0: input: packet len 152
20:15:30: SSH2 0: partial packet 8, need 144, maclen 20
20:15:30: SSH2 0: MAC #12 ok
20:15:30: SSH2 0: input: padlen 6
20:15:30: SSH2 0: received packet type 2
20:15:40: SSH2 0: ssh_receive: 292 bytes received
20:15:40: SSH2 0: input: packet len 16
20:15:40: SSH2 0: partial packet 8, need 8, maclen 20
20:15:40: SSH2 0: MAC #13 ok
20:15:40: SSH2 0: input: padlen 6
20:15:40: SSH2 0: received packet type 2
20:15:40: SSH2 0: input: packet len 64
20:15:40: SSH2 0: partial packet 8, need 56, maclen 20
20:15:40: SSH2 0: MAC #14 ok
20:15:40: SSH2 0: input: padlen 11
20:15:40: SSH2 0: received packet type 50
20:15:40: SSH2 0: send: len 24 (includes padlen 5)
20:15:40: SSH2 0: done calc MAC out #7
20:15:40: SSH2 0: authentication failed for userid (code=1)
20:15:40: SSH0: Session disconnected - error 0x09
Thanks,
today the IOS to support encryption and also I have enabled the SSH
server on the switch.
#configure terminal
#hostname switch
#ip domain name sky.com
#crypto key generate rsa
I'm trying to get connected to the switch using
SSH Tera Pro clent. But when I'm promped for authentication I cannot
figure out what are the default username and password. If there is one?
I have created username test with password test.
#username test privilege 15 password test
Doesn't work to me again. Probabbly I'm doing something wrong.
Anybody has an idea?
This is after #debug ip ssh
20:15:30: SSH2 0: input: padlen 11
20:15:30: SSH2 0: received packet type 50
20:15:30: SSH2 0: send: len 24 (includes padlen 5)
20:15:30: SSH2 0: done calc MAC out #6
20:15:30: SSH2 0: input: packet len 152
20:15:30: SSH2 0: partial packet 8, need 144, maclen 20
20:15:30: SSH2 0: MAC #12 ok
20:15:30: SSH2 0: input: padlen 6
20:15:30: SSH2 0: received packet type 2
20:15:40: SSH2 0: ssh_receive: 292 bytes received
20:15:40: SSH2 0: input: packet len 16
20:15:40: SSH2 0: partial packet 8, need 8, maclen 20
20:15:40: SSH2 0: MAC #13 ok
20:15:40: SSH2 0: input: padlen 6
20:15:40: SSH2 0: received packet type 2
20:15:40: SSH2 0: input: packet len 64
20:15:40: SSH2 0: partial packet 8, need 56, maclen 20
20:15:40: SSH2 0: MAC #14 ok
20:15:40: SSH2 0: input: padlen 11
20:15:40: SSH2 0: received packet type 50
20:15:40: SSH2 0: send: len 24 (includes padlen 5)
20:15:40: SSH2 0: done calc MAC out #7
20:15:40: SSH2 0: authentication failed for userid (code=1)
20:15:40: SSH0: Session disconnected - error 0x09
Thanks,
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
5 Comments
provided you have "aaa authentication login default local" set in your running config, the user/pass pair you set up should be used.
Do you want to dump any bits of your config that relate to authentication into the question?
Do you want to dump any bits of your config that relate to authentication into the question?
Thanks for the replay but I'm not sure I understand what do you mean with "aaa authentication login default local"
This is the switch config:
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
enable secret 5 XXXXXXXXX
!
username test privilege 15 password 0 test
errdisable recovery cause link-flap
errdisable recovery interval 60
ip subnet-zero
!
ip domain-name thirdsecurity.com
ip ssh time-out 60
ip ssh authentication-retries 2
udld aggressive
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
macro global description cisco-global
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
.
.
.
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.1.199 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.1.1
ip http server
tftp-server flash c2950-i6k2l2q4-mz.121-22.E
tftp-server flash:
!
line con 0
exec-timeout 0 0
line vty 0 4
password XXX
login
line vty 5 15
password XXX
login!
end
This is the switch config:
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
enable secret 5 XXXXXXXXX
!
username test privilege 15 password 0 test
errdisable recovery cause link-flap
errdisable recovery interval 60
ip subnet-zero
!
ip domain-name thirdsecurity.com
ip ssh time-out 60
ip ssh authentication-retries 2
udld aggressive
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
macro global description cisco-global
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
.
.
.
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.1.199 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.1.1
ip http server
tftp-server flash c2950-i6k2l2q4-mz.121-22.E
tftp-server flash:
!
line con 0
exec-timeout 0 0
line vty 0 4
password XXX
login
line vty 5 15
password XXX
login!
end
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
- Vulnerabilities
- Home Security
- Ransomware
- Cybersecurity
- OS Security
- Network Security, Security
Encryption for Business
Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely.
Download Secure Shell:
Follow basic installation instructions:
Open Secure Shell and use "Quick Connect" to enter credentials includi…
The Email Laundry PDF encryption service allows companies to send confidential encrypted emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month12 days, 5 hours left to enroll
636 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.