09-16-2024 10:50 AM
A scan has suggested that an SG350 ver 2.5.9.16 switch is running SSH 1.3 or 1.5 and that it should be disabled. However, it doesn't appear to be running this version. If I enter show ip ssh then I get this output:
It doesn't state the version. Connections are refused in putty when using SSH 1. When I look at both keys, they are SSH2.
I've seen in other threads that you can enter ip ssh ver 2 in configuration mode but ip ssh ? shows that "version" is not an option. I'm also not seeing "SSH Enabled - version 2.0" in the sh ip ssh output.
How can I be 100% certain that this switch isn't allowing any SSH 1.3/1.5 connections if putty isn't able to connect with SSH1? Is it possible to generate an SSH1 key and see if the switch allows it?
09-17-2024 12:10 AM
- This could be useful: % nmap --script ssh2-enum-algos SG350
nmap -sV SG350
09-17-2024 10:17 AM
I appreciate the response but I can't really do that without triggering a SYN attack on the device. Is there some way on the Cisco device itself that would confirm if SSH1 is running? As stated previously, all I can see is that SSH is running but nothing regarding versions.
Thanks.
09-17-2024 10:33 AM
% nmap -sV SG350
is the preferred command; this will not trigger a SYN attack
(the first one might do that but this one won't).
M.
09-17-2024 11:39 AM
I tried again with -p 22 and it doesn't appear that SSHv1 is seen by nmap's sshv1 script. Maybe SSHv1 really isn't enabled.
09-17-2024 12:31 PM
- Normally for that command you don't need the '-p 22' option; then it will list the version of all services that it can find on the SG.
M.
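Added example (not from any poster in this thread, and not Cisco tooling): the SSH identification string a server sends before key exchange tells you which protocol versions it offers, per RFC 4253 section 5.1 ("SSH-2.0-" means SSH-2 only, "SSH-1.99-" means both 1 and 2, "SSH-1.5-" means protocol 1 only). Reading it takes a single TCP connection rather than a port scan, which addresses the SYN concern above. The host name is a placeholder and the sample banners are constructed.

```python
import re
import socket

# RFC 4253 section 5.1 identification string: "SSH-protoversion-softwareversion"
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)")

def classify_banner(banner: str) -> dict:
    """Map a server identification line to the protocol versions it offers."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return {"valid": False, "protoversion": None, "software": None,
                "ssh1": False, "ssh2": False}
    proto, software = m.group(1), m.group(2)
    return {
        "valid": True,
        "protoversion": proto,
        "software": software,
        # "1.99" advertises both protocol 1 and 2; "1.3"/"1.5" are protocol-1-only
        "ssh1": proto.startswith("1."),
        "ssh2": proto in ("2.0", "1.99"),
    }

def fetch_banner(host: str, port: int = 22, timeout: float = 5.0) -> str:
    """Open one TCP connection and return the server's identification line.
    RFC 4253 allows the server to send other text lines first; those are skipped."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        buf = b""
        while not (buf.startswith(b"SSH-") and b"\n" in buf):
            chunk = sock.recv(256)
            if not chunk:
                break
            buf += chunk
            # discard any complete pre-banner line that is not the SSH- line
            while b"\n" in buf and not buf.startswith(b"SSH-"):
                buf = buf.split(b"\n", 1)[1]
        return buf.split(b"\n", 1)[0].decode("ascii", "replace")

if __name__ == "__main__":
    # Constructed sample banners, not captured from a real SG350
    for sample in ("SSH-2.0-constructed_v2_only", "SSH-1.99-constructed_both",
                   "SSH-1.5-constructed_v1_only", "220 not-ssh"):
        print(sample, "->", classify_banner(sample))
    # Replace SWITCH_HOSTNAME_PLACEHOLDER with the switch's address to check a live host
    # print(classify_banner(fetch_banner("SWITCH_HOSTNAME_PLACEHOLDER")))
```

A result with ssh1 False and ssh2 True is the evidence a scanner finding of "SSH 1.3/1.5" can be disputed with; ssh1 True on a "1.99" banner means protocol 1 is still offered even though SSH-2 clients work.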