Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10476
Views
7
Helpful
11
Replies

SSH version 2 not supported on cisco 3560 g switch

Go to solution
Sandipan Khatke
Level 1
Level 1

‎09-05-2012 02:35 AM - edited ‎03-04-2019 05:28 PM

Hi,

Is SSH v2 feature is supported on cisco 3560G switch for below image if no please let us know the latest image .

c3560-ipbase-mz.122-35.SE5/c3560-ipbase-mz.122-35.SE5.bin)

BR,

Sandip

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Alessio Andreoli
Level 5
Level 5

‎09-05-2012 04:19 AM

Hi Sandpan,

it definitely supports SSHv2. Adding a note to Peter's post, i was using SSHv2 on a 3560G with a 12.2(44) in one of the previous ISP where i was working for. Remember to verify in the IOS you set that the OS doesn't "fall back" to SSHv1.5 because some of them do it.

Take Care

Alessio

View solution in original post

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Sandipan Khatke

‎09-05-2012 04:30 AM

Hello Sandip,

As Alessio correctly noted (thanks, Alessio!), yes, these IOS versions will definitely support SSHv2. Make sure you configure your switches using the ip ssh version 2 global configuration command.

You can always verify the particular supported features of an IOS using the Cisco Feature Navigator at http://cisco.com/go/fn - click on the "Search by Image" link and paste the IOS name into the form.

Best regards,

Peter

View solution in original post

11 Replies 11

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎09-05-2012 03:57 AM

Hello Sandip,

The Catalyst 3560 switches support SSH but your IOS is too outdated and also, it is an IOS version that intentionally lacks strong cryptographic features such as SSH (it is called "IP BASE W/O CRYPTO" - that's why you have no SSH support).

The most recent IOS version for your switch is either 15.0(2)SE if your switch has 32MB of FLASH memory, or 12.2(55)SE6 if your switch has 16MB of FLASH memory. Be careful to order the IOS whose name contains a "k9" - that is a designation that it contains strong crypto features, i.e.:

c3560-ipbasek9-mz.122-55.SE6.bin

c3560-ipbasek9-mz.150-2.SE.bin

Best regards,

Peter

Go to solution
Sandipan Khatke
Level 1
Level 1
In response to Peter Paluch

‎09-05-2012 04:25 AM

Thanks Peter for your resonse

I agree with you but have a little bit confusion ,Is above IOS version will support SSH version 2

Thanks in advance

BR// Sandip

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Sandipan Khatke

‎09-05-2012 04:30 AM

Hello Sandip,

As Alessio correctly noted (thanks, Alessio!), yes, these IOS versions will definitely support SSHv2. Make sure you configure your switches using the ip ssh version 2 global configuration command.

You can always verify the particular supported features of an IOS using the Cisco Feature Navigator at http://cisco.com/go/fn - click on the "Search by Image" link and paste the IOS name into the form.

Best regards,

Peter

Go to solution
Alessio Andreoli
Level 5
Level 5

‎09-05-2012 04:19 AM

Hi Sandpan,

it definitely supports SSHv2. Adding a note to Peter's post, i was using SSHv2 on a 3560G with a 12.2(44) in one of the previous ISP where i was working for. Remember to verify in the IOS you set that the OS doesn't "fall back" to SSHv1.5 because some of them do it.

Take Care

Alessio

Go to solution
mvsheik123
Level 7
Level 7
In response to Alessio Andreoli

‎09-05-2012 04:28 AM

I second that. I recently upgraded few 3560 switches to 122-55.SE6 and SSH 2 works just fine.

hth

MS

0 Helpful

Go to solution
Sandipan Khatke
Level 1
Level 1
In response to Alessio Andreoli

‎09-05-2012 04:30 AM

Thanks Ales

We can use above IOS version for the same. Please let us know is below IOS version is okay for SSH V2

c3560e-universalk9-mz.122-55.SE.bin.

Good day

BR//Sandip

0 Helpful

Go to solution
Alessio Andreoli
Level 5
Level 5
In response to Sandipan Khatke

‎09-05-2012 06:20 AM

Hi Sandipan,

i have never implemented this specific version but there is an easy test for checking whether the SSH sessions falls back to SSHv1.5 or not. Just download putty and set the following:

you set "2 only" and then you open a session with your switch. nice test that is required during security audit.

Hope this helps

Alessio

0 Helpful

Go to solution
Sandipan Khatke
Level 1
Level 1
In response to Alessio Andreoli

‎09-06-2012 12:03 AM

HI,

Good Day ...

As per Cisco nevigator, above said IOS version not supported to SSH v2 ...Can you recheck and confirm again which IOS version will be support to SSH v2.

BR//Sandip

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Sandipan Khatke

‎09-06-2012 02:33 AM

Sandip,

The Feature Navigator seems to talk nonsense. I've just checked it with both 12.2(55)SE6 and 15.0(2)SE IP SERVICES IOSes that I have around, and both support both client and server SSHv2. I believe that IP BASE will have the same support.

Best regards,

Peter

0 Helpful

Go to solution
Sandipan Khatke
Level 1
Level 1
In response to Peter Paluch

‎09-07-2012 12:08 AM

Hi,

Good Morning & Nice to see you over it again.....:)

Can you give me any artifacts so that same I can share with my client.

BR//Sandip

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Sandipan Khatke

‎09-07-2012 12:51 PM

Hi Sandip,

Can you give me any artifacts so that same I can share with my client.

I am sorry, I do not understand this requirement. Can you say it in different words please?

Best regards,

Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card