03-11-2010 05:45 AM - edited 03-10-2019 04:55 AM
Hi ,
we have AIP-SSM 10 and having lower version of 6.0(5)E2 engine.
To update to the new version we had tried to copy the current config to the remote server using scp. During the process we faced the below error
AIP-IPS# copy scp://vpsadmin@192.168.2.1//configuration/cfg current-config
Password: ********
Warning: Copying over the current configuration may leave the box in an unstable state.
Would you like to copy current-config to backup-config before proceeding? [yes]: yes
Protocol major versions differ: 1 vs. 2
My remote server is running on Solaris OS having only SSHv2 supported. More over i could able to find AIP-SSM is running on both SSHv1 & SSHv2.
Could any one help us to solve the problem.
Thanks in advance.
03-11-2010 09:42 AM
Disabling sshv1 on the sensor is tracked with bug CSCsk84977.
The workaround to disable it is
Create a service account (if one does not already exist) using the CLI, then log in using that account and enter the following commands:
su -
cd /etc/ssh
cp sshd_config sshd_config.old
sed -r '/^#?Protocol /cProtocol 2' sshd_config.old > sshd_config
## to apply the changes do:
/etc/init.d/cids reboot
.
I hope it helps.
PK
10-14-2010 12:52 PM
I have the same issue but using V7.0(4)E4 on a SSM-10 unit. Are the commands you specficied the same for this version?
Thanks.
10-14-2010 04:07 PM
Its the same workaround for all IPS software versions and hardware types.
Cheers.
09-20-2011 09:56 AM
Thanks for the help. However I was able to get it fixed without restarting the entire IPS.
I used VI to edit /etc/ssh/sshd_config Removed the ,1 from the Protocol line
Then I used the ps -aux | grep ssh to find the process ID of the sshd
Issue kill -HUP
That way only the sshd got restarted.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide