I was able to import a copy of the 5.4 PIX Shun Remediation module into my system running 6.2.3. It works, but only if SSH v1 is enabled on my ASA; with v2 it doesn't. I ran debug ssh on the ASA when trying with version 2, and this is what I got:
Device ssh opened successfully.
SSH1: SSH client: IP = 'x.x.x.x' interface # = 4
SSH: host key initialised
SSH1: starting SSH control process
SSH1: Exchanging versions - SSH-2.0-Cisco-1.25
SSH1: send SSH message: outdata is NULL
server version string:SSH-2.0-Cisco-1.25
SSH1: receive SSH message: 83 (83)
SSH1: client version is - SSH-2.0-1.34
client version string:SSH-2.0-1.34
SSH2 1: SSH2_MSG_KEXINIT sentSSH1: TCP read failed, error code = 0x86300003 "TCP connection closed"
SSH1: receive SSH message: [no message ID: variable *data is NULL]
SSH2 1: ssh_send unsuccessfulSSH1: Session disconnected by SSH server - error 0x00 "Internal error"
I can SSH from the CLI of my Firepower TDC VM, which uses OpenSSH, so I know that works. I have tried to rewrite the SSH.pm script contained in the cisco_pix.tgz file to use the instance of OpenSSH that is installed, but I'm not a programmer and have not had any success. Can anyone help?