10-30-2023 01:02 AM
I received the below vulnerability from the security team
The remote SSH daemon supports connections made using the version 1.33
and/or 1.5 of the SSH protocol.
These protocols are not completely cryptographically safe so they
should not be used.
however I'm not sure how to disable the 1.33 and 1.5 compatibility as when i have already checked all the switches and they are showing either v 1.99 or v 2
#sh ip ssh
SSH Enabled - version 1.99 (or 2)
Solved! Go to Solution.
10-30-2023 01:14 AM - edited 10-30-2023 01:19 AM
SSH v1 will be disabled if you add the following line of configuration: ip ssh version 2
I don't believe there is any other way to disable these ancient SSH versions. Version 2 was introduced in 2006 and is pretty much ubiquitous. There is very little reason to run SSH v1 unless you have a very specific reason for it at this point.
10-30-2023 01:14 AM - edited 10-30-2023 01:19 AM
SSH v1 will be disabled if you add the following line of configuration: ip ssh version 2
I don't believe there is any other way to disable these ancient SSH versions. Version 2 was introduced in 2006 and is pretty much ubiquitous. There is very little reason to run SSH v1 unless you have a very specific reason for it at this point.
10-30-2023 01:51 AM
Hello @baselzind,
Ensure to enter the command ip ssh version 2 under configuration terminal.
Refer to this post:
https://community.cisco.com/t5/switching/disabling-ssh-version-1/td-p/1237936
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide