Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1547
  • Last Modified:

How to change SSH v1 to v2 or 3 on IPS SSM-10 on ASA5510

Hi,

I have IPS SSM-10 on ASA5510. I need to change SSH version. No we use version 1 which should be chanaged to 2 or 3.

Thanks for help !

Maxim.
0
Maxim33
Asked:
Maxim33
1 Solution
 
VespaMaruCommented:
I don't think you can do it.  The Cisco IPS module supports SSH 1.5 with a 1024 bit RSA key.

From an NMAP
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 3.7.1p2 (protocol 1.99)
|_sshv1: Server supports SSHv1
| ssh-hostkey: 1024 c4:xx:xx:xx:b9 (RSA1)
|_1024 5a:xx:xx:xx:ae (DSA)

Open in new window


Also from their web site:
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_setup.html#wp1035869

The ASA server however will support SSH version 2 with a key size of 2048
PORT   STATE SERVICE VERSION
22/tcp open  ssh     Cisco SSH 1.25 (protocol 2.0)
|_ssh-hostkey: 2048 2f:xx:xx:xx:3b (RSA)

Open in new window


I would suspect that the reason they differ is because the IPS sensor is an embedded Linux image and theredore runs a different SSH server.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now