Wireless Access

 View Only

  • 1.  Verify Version of SSH

    Posted Nov 04, 2019 04:53 PM

    I'm using AOS 6.4 on a 3600 controller, and I want to find a definitive way to confirm that the controller is using SSHv2 and not SSHv1. 

     

    Using "show ssh" doesn't give enough information.

     

    Looking in the running config will show "netservice svc-ssh tcp 22", which originally made me wonder if maybe SSH-1 does not use TCP 22 and that would be how to tell the difference, but it seems SSH-1 still comes over that same port.

     

    So does anyone know any CLI commands to see a definite version number, or maybe somewhere in the GUI that it can be found.

     

    Thank you for any help I can get!



  • 2.  RE: Verify Version of SSH

    Posted Nov 05, 2019 04:55 AM

    If you have an SSH client on a Mac or Linux platform, you can use the -v flag to see the negotiated protocol when connecting to a server (your controller):

    MacBook:~ $ ssh -v 192.168.31.2
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 192.168.31.2 [192.168.31.2] port 22.
debug1: Connection established.
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH
debug1: match: OpenSSH pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.31.2:22 as 'me'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
....

    SSH v1/v2 both use tcp port 22, so you can't tell from there.

     

    If you can find an ssh client old enough, you should be able to use the -1 flag and see if you can connect. I could not find a client that still has sshv1:

    ssh -v -1 192.168.31.2
SSH protocol v.1 is no longer supported


Related Content