https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543092#M253910 <HTML><HEAD></HEAD><BODY><P>Hi Steve,</P><P></P><P>Currently SSHv1 cannot be disabled:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00808d9199.shtml#SSHv1v2">http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00808d9199.shtml#SSHv1v2</A></P><P></P><P>This is still the case on ACS 4.2.1 which is the latest currently for the ACS 4.x line.</P><P></P><P>That being said, the SSH shell is very limited on the ACS. The only thing that you can do is initiate an RDBMS synchronization. There are three other commands (csutil commands) but they cannot even be run unless the services are stopped.</P><P></P><P>Thanks,</P><P></P><P>Nate</P></BODY></HTML> Tue, 30 Nov 2010 21:55:28 GMT Nate Austin 2010-11-30T21:55:28Z https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543091#M253884 <P>This may be old hat by now but can someone confirm or deny that the SSH server on ACS4.2 can be configured to avoid client negotiation with weak protocols? I'd like to ensure that SSHv1 cannot be used. If it (SSHv1) can be disabled, exactly how is this achived? If it's not possible with ACS4.2 is there a later version where this can be disabled?</P><P></P><P>Thanks,</P><P></P><P></P><P>Steve.</P> Mon, 11 Mar 2019 00:37:27 GMT https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543091#M253884 sforrester 2019-03-11T00:37:27Z https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543092#M253910 <HTML><HEAD></HEAD><BODY><P>Hi Steve,</P><P></P><P>Currently SSHv1 cannot be disabled:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00808d9199.shtml#SSHv1v2">http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00808d9199.shtml#SSHv1v2</A></P><P></P><P>This is still the case on ACS 4.2.1 which is the latest currently for the ACS 4.x line.</P><P></P><P>That being said, the SSH shell is very limited on the ACS. The only thing that you can do is initiate an RDBMS synchronization. There are three other commands (csutil commands) but they cannot even be run unless the services are stopped.</P><P></P><P>Thanks,</P><P></P><P>Nate</P></BODY></HTML> Tue, 30 Nov 2010 21:55:28 GMT https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543092#M253910 Nate Austin 2010-11-30T21:55:28Z https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543093#M253930 <HTML><HEAD></HEAD><BODY><P>Many thanks for that definitive answer, very helpful. I can now think about whether I need to go to V5.0+.</P><P></P><P>Regards,</P><P></P><P>Steve</P></BODY></HTML> Wed, 01 Dec 2010 10:27:21 GMT https://community.cisco.com/t5/network-access-control/disabling-weak-protocols-in-acs-4-2/m-p/1543093#M253930 sforrester 2010-12-01T10:27:21Z