Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12
  1. #11
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    We have asked our Cisco reps before about this and they always claim that there was very little customer interest in adding a more suitable ssh to the routers (ie, customers need to B&C a little). Cisco does support ssh but it is protocol 1 with weak DES encryption (which thanks to tools like DSNIFF isn't much better than telnet). I also understand you can purchase an ssh that used protocol 2 for Cisco products; however, from what I have been told it is quite expensive...

    I agree with the others though, proper ACL's on your VTY's (as well as other steps to properly secure your router) should mitigate most of your security problems.

    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  2. #12
    Just Another Geek
    Join Date
    Jul 2002
    Rotterdam, Netherlands

    Re: Cisco router SSH

    Originally posted here by shaded3l33t
    Unless I'm mistaken, can someone tell me why Cisco routers(high end) don't have ssh and telnet instead of just telnet?
    This is because Cisco expects you to administer your router using an IPSec connection. This way they don't need to secure some of the insecure methods (telnet, http etc.) for administrating your router. Since resources are a bit limited (on a router/switch) they're opting for more features based on networking not remote administration.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.