8.1 : SSH version 2

Though I did the workbook exact configuration , I had ssh 1.5 as a result instead of 2.0 , can you think of why ?


R7#sh ip ssh
SSH Enabled - version 1.5
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQCn6ikgcwMwN2ifgWa2rqf/kQFUZnN5+k/XsXXDjV0e
R7#sh ver
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 15.2(4)S1, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Fri 28-Sep-12 14:39 by prod_rel_team


  • Hi Yaser and All,

    Clients are able to gain access with either ssh v1 or ssh v2.

    R6(config)#ip ssh version ?

      <1-2>  Protocol version

    R6(config)#ip ssh version 2

    R6(config)#do show ip ssh

    SSH Enabled - version 2.0

    ssh server now operates in v2, only.   Turned off v1 operation.//RandyB  
  • See the below , it is supporting 2 , however when I do the configuration it ask about the RSA key , although I have already generated the key !! , still the show version superisingly is shoing 1.5

    R7(config)#ip ssh ve
    R7(config)#ip ssh version ?
      <1-2>  Protocol version

    R7(config)#ip ssh version 2
    Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2).

  • Hi All,

    Here are the 5 steps I'm using:   <I recall that other ways are possible; like naming the key>

    0)  create a hostname:            hostname R1

    1)  create a domain name:      ip domain name myname.edu

    2)  generate a key:                 crypto key generate rsa modulous 768

    3)  enable ssh server:             <IOS automatically enables>

    4)  restrict to SSHv2:               ip ssh version 2

    What are the best commands to verify?  Guessing one should verify using show commands and debug commands.  As well as some "test" connections using ssh client v1 and v2.

Sign In or Register to comment.