RE: If I didn't sepceify the ip ssh version , what would be the

From: Amir.Tahir/Wateen/Lahore (Amir.Tahir@wateen.com)
Date: Sat Jul 05 2008 - 12:23:15 ART

• Next message: yungli2008@gmail.com: "New Dyanmip Problem"
• Previous message: Jack Tsai: "RIP routing table EIGRP won't take it"
• Maybe in reply to: ccie: "If I didn't sepceify the ip ssh version , what would be the"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi there,

With reference to SSH, I believe we have to use no ip ssh ver command
to support Ver1 & ver2. In addition rsa key play an important role.
According to DOC CD we could not support ver2 with 512 bit key. Please
also check if you have just enabled SSH, which version it will enable by
default

Doc CD define SSH as....
If you do not configure this command, SSH by default runs in
compatibility mode; that is, both SSH Version 1 and SSH Version 2
connections are honored.

In addition..." The RSA key-pair size must be greater than or equal to
768."

Please correct me if I am wrong

Regards
__________________
Amir Tahir

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Scott Morris
Sent: Saturday, July 05, 2008 6:20 AM
To: 'Pavlo Bykov'; 'ccie'
Cc: ccielab@groupstudy.com
Subject: RE: If I didn't sepceify the ip ssh version , what would be the
default version?

Cisco's a little strange in the numbering scheme...

If they say SSH 1.5 has been enabled, that will only accept v1. If it
says
SSH 1.99 then it will accept SSH v2 or v1 connections.

I think that's been the case longer. I seem to remember 12.2T things
with
that, although I may be hallucinating.

Scott Morris, CCIE4 #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al.
CCSI/JNCI-M/JNCI-ER
Senior CCIE Instructor

smorris@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

Knowledge is power.
Power corrupts.
Study hard and be Eeeeviiiil......
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Pavlo Bykov
Sent: Friday, July 04, 2008 7:40 PM
To: ccie
Cc: ccielab@groupstudy.com
Subject: Re: If I didn't sepceify the ip ssh version , what would be the
default version?

IOS output:

---
Generating RSA keys ...
[OK]
R1(config)#
00:07:12: %SSH-5-ENABLED: SSH 1.99 has been enabled
---
It's 1.99 in quite recent 12.2(25)S15. I remember seeing 1.99 being
default
in documentation as well.
P.S. SSHv1.99 means v2 with v1 fallback enabled.
Regards,
Pavel Bykov
On Fri, Jul 4, 2008 at 10:07 PM, ccie <ccie@just-horizon.com> wrote:
> Hi experts,
>
> If I didn't sepceify the ip ssh version , what would be the default 
> version?
>
> Regards,
>
> Amin
>
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: yungli2008@gmail.com: "New Dyanmip Problem"
• Previous message: Jack Tsai: "RIP routing table EIGRP won't take it"
• Maybe in reply to: ccie: "If I didn't sepceify the ip ssh version , what would be the"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:53 ART