Solved: how to Disable compatibility with version 1 of the SSH protocol.

baselzind · ‎10-30-2023

I received the below vulnerability from the security team

The remote SSH daemon supports connections made using the version 1.33
and/or 1.5 of the SSH protocol.

These protocols are not completely cryptographically safe so they
should not be used.

however I'm not sure how to disable the 1.33 and 1.5 compatibility as when i have already checked all the switches and they are showing either v 1.99 or v 2

#sh ip ssh
SSH Enabled - version 1.99 (or 2)

Torbjørn · ‎10-30-2023

SSH v1 will be disabled if you add the following line of configuration: ip ssh version 2

I don't believe there is any other way to disable these ancient SSH versions. Version 2 was introduced in 2006 and is pretty much ubiquitous. There is very little reason to run SSH v1 unless you have a very specific reason for it at this point.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

View solution in original post

Torbjørn · ‎10-30-2023

SSH v1 will be disabled if you add the following line of configuration: ip ssh version 2

I don't believe there is any other way to disable these ancient SSH versions. Version 2 was introduced in 2006 and is pretty much ubiquitous. There is very little reason to run SSH v1 unless you have a very specific reason for it at this point.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

M02@rt37 · ‎10-30-2023

Hello @baselzind,

Ensure to enter the command ip ssh version 2 under configuration terminal.

Refer to this post:

https://community.cisco.com/t5/switching/disabling-ssh-version-1/td-p/1237936

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.