SSH v1 on ASA 8.4

Ruterford
Level 1

Hello All,

I was just curious: if SSH v1 is considered vulnerable, why is it still enabled by default on the ASA 8.4?

What is the vulnerability impact of using SSH v1 on an ASA?

Thanks!

1 Reply

Marvin Rhoads
Hall of Fame

Well, only the product managers can answer "why?". I would venture to guess all defaults are a considered balance between ease of usability and best practices.

The vulnerability is easily mitigated, so perhaps that's the thinking. It's most common in my experience to not allow ssh to any public interface. So that in itself restricts the vulnerability to inside hackers. Plus, if you go to the trouble of allowing ssh at all (not allowed by default), just check the box (or add the CLI option) to restrict ssh to v2.
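
A check for the two mitigations mentioned in the reply above (no SSH on a public interface, SSH restricted to v2), as an added example that is not part of the original thread. It assumes an ASA 8.4 running-config in which a missing `ssh version 2` line means v1 is still accepted, as the question states; the sample config and the public interface name `outside` are constructed.

```python
import ipaddress
import re

# Constructed sample running-config excerpt (not taken from the thread).
SAMPLE_CONFIG = """\
hostname asa-lab
interface GigabitEthernet0/0
 nameif outside
interface GigabitEthernet0/1
 nameif inside
ssh 0.0.0.0 0.0.0.0 outside
ssh 10.1.1.0 255.255.255.0 inside
ssh timeout 5
"""

SSH_ALLOW = re.compile(r"^ssh (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+) (\S+)$")
SSH_VERSION = re.compile(r"^ssh version ([12])$")


def audit_ssh(config, public_ifs=("outside",)):
    """Return findings for the SSH settings in an ASA config (public_ifs is an assumption)."""
    findings = []
    version = None
    allows = []
    for line in config.splitlines():
        m = SSH_VERSION.match(line.rstrip())
        if m:
            version = m.group(1)
            continue
        m = SSH_ALLOW.match(line.rstrip())
        if m:
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
            allows.append((net, m.group(3)))
    if not allows:
        return findings  # no 'ssh <addr> <mask> <if>' line: SSH is not permitted at all
    if version != "2":
        findings.append("SSH v1 accepted: add 'ssh version 2'")
    for net, ifname in allows:
        if ifname in public_ifs:
            findings.append(f"SSH permitted from {net} on public interface '{ifname}'")
    return findings


if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE_CONFIG):
        print(finding)
```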
