topic Re: SSH version on IDSM in Network Security https://community.cisco.com/t5/network-security/ssh-version-on-idsm/m-p/1226406#M77668 <HTML><HEAD></HEAD><BODY><P>Not currently supported.</P><P></P><P>SSHv2 has not been fully tested and supported for all aspects of the sensor. Some features still require SSHv1.</P><P></P><P>No mechanisms are in place to limit the sensor to SSHv2 only.</P><P>Attempting to limit the sensor to SShv2 will cause problems with the sensor.</P><P></P><P>There are enhancement requests that have already been made to fully support SSHv2 across all corresponding features of the sensor, and allow disabling of SSHv1. </P><P>I can not comment on if or when these requests may be fulfilled.</P><P></P><P>In the meantime the best protection for your sensor is to limit the access-list to only the specific IP Addresses that require access. </P></BODY></HTML> Mon, 16 Feb 2009 22:21:53 GMT marcabal 2009-02-16T22:21:53Z SSH version on IDSM https://community.cisco.com/t5/network-security/ssh-version-on-idsm/m-p/1226405#M77665 <P>Can I limit the SSH version to 2 on IDSM? I couldn't find any command for that. It looks like it allows both version 1 and 2. I need to limit it to version 2 only.</P><P></P><P>Thanks.</P> Sun, 10 Mar 2019 11:30:38 GMT https://community.cisco.com/t5/network-security/ssh-version-on-idsm/m-p/1226405#M77665 peterhkim 2019-03-10T11:30:38Z Re: SSH version on IDSM https://community.cisco.com/t5/network-security/ssh-version-on-idsm/m-p/1226406#M77668 <HTML><HEAD></HEAD><BODY><P>Not currently supported.</P><P></P><P>SSHv2 has not been fully tested and supported for all aspects of the sensor. Some features still require SSHv1.</P><P></P><P>No mechanisms are in place to limit the sensor to SSHv2 only.</P><P>Attempting to limit the sensor to SShv2 will cause problems with the sensor.</P><P></P><P>There are enhancement requests that have already been made to fully support SSHv2 across all corresponding features of the sensor, and allow disabling of SSHv1. </P><P>I can not comment on if or when these requests may be fulfilled.</P><P></P><P>In the meantime the best protection for your sensor is to limit the access-list to only the specific IP Addresses that require access. </P></BODY></HTML> Mon, 16 Feb 2009 22:21:53 GMT https://community.cisco.com/t5/network-security/ssh-version-on-idsm/m-p/1226406#M77668 marcabal 2009-02-16T22:21:53Z