Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1457
Views
10
Helpful
6
Replies

Is the console more secure than ssh when using show tech-support?

Go to solution
ohchan
Level 1
Level 1

‎01-06-2022 05:32 PM

Hi

 

Last time I accessed C4506 remotely via ssh and used the show tech-support command.

 

The result is a hardware fault.

 

I try to access the C4056 through the console and run the show tech-support command.

 

Is it more secure than ssh?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎01-06-2022 10:06 PM

No difference in output.

View solution in original post

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-06-2022 10:25 PM

There is nothing called secure here, show tech we use to get information for TAC support.

 

when you issue this command the switch will take some CPU process, so this command needs to be used with bit cautious all the time when you doing a busy switch in a production network.

 

output is the same SSH or Console..

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

6 Replies 6

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎01-06-2022 10:06 PM

No difference in output.

Go to solution
ohchan
Level 1
Level 1
In response to Leo Laohoo

‎01-06-2022 10:32 PM

thank you for the reply

 

ssh, you mean there is no difference for console CPU output?

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to ohchan

‎01-06-2022 11:31 PM - edited ‎01-06-2022 11:34 PM

@ohchan wrote:

ssh, you mean there is no difference for console CPU output?

Depends on the platform, depends on the supervisor engine, IOS version.

Your questions have nothing to do with CSCul00025 &/or CSCvd29392, does it?

0 Helpful

Go to solution
ohchan
Level 1
Level 1
In response to Leo Laohoo

‎01-07-2022 06:32 AM

yes different

 

As soon as I entered the show tech-support command, the device had to be replaced after a reboot.

 

The work was done during the day and "show tech-support" was done during peak packet throughput times.

 

This time, I'm going to proceed with the console, but I'm curious if it's safer.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-06-2022 10:25 PM

There is nothing called secure here, show tech we use to get information for TAC support.

 

when you issue this command the switch will take some CPU process, so this command needs to be used with bit cautious all the time when you doing a busy switch in a production network.

 

output is the same SSH or Console..

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎01-07-2022 09:05 AM

From reading your OP and follow up posts, are you actually asking about security or impact to device?

For the former, perhaps in theory, console would be more secure than SSH, as the latter would more likely allow a man-in-the-middle, although, of course, SSH encrypts the data which console does not.  But, in your console connection is really "local" to the device, tapping the line should be more "noticeable".  Of course, if your console link is "remote", than it's like less secure.

As to impact on the device, later Cisco devices often support encryption with some form of hardware support.  With such, in theory, likely it's less impactful than a console link, where RS-232 is likely to going to generate more hardware interrupts.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card