cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Disable SSH V1 in AIP-SSM10

ydcnetwork
Beginner
Beginner

Hi ,

we have AIP-SSM 10 and having lower version of 6.0(5)E2 engine.

To update to the new version we had tried to copy the current config to the remote server using scp. During the process we faced the below error 

AIP-IPS# copy scp://vpsadmin@192.168.2.1//configuration/cfg current-config
Password: ********
Warning: Copying over the current configuration may leave the box in an unstable state.
Would you like to copy current-config to backup-config before proceeding? [yes]: yes
Protocol major versions differ: 1 vs. 2

My remote server is running on Solaris OS having only SSHv2 supported. More over i could able to find AIP-SSM is running on both SSHv1 & SSHv2.

Could any one help us to solve the problem.

Thanks in advance.

4 REPLIES 4

Panos Kampanakis
Cisco Employee
Cisco Employee

Disabling sshv1 on the sensor is tracked with bug CSCsk84977.

The workaround to disable it is

Create a service account (if one does not already exist) using the CLI, then log in using that account and enter the following commands:

su -
cd /etc/ssh
cp sshd_config sshd_config.old
sed -r '/^#?Protocol /cProtocol 2' sshd_config.old > sshd_config

## to apply the changes do:
/etc/init.d/cids reboot

.

I hope it helps.

PK

I have the same issue but using V7.0(4)E4 on a SSM-10 unit.  Are the commands you specficied the same for this version?

Thanks.

Its the same workaround for all IPS software versions and hardware types.

Cheers.

daphilli
Beginner
Beginner

Thanks for the help.  However I was able to get it fixed without restarting the entire IPS.

I used VI to edit /etc/ssh/sshd_config   Removed the ,1 from the Protocol line

Then I used the ps -aux | grep ssh to find the process ID of the sshd

Issue kill -HUP

That way only the sshd got restarted.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: