nanog mailing list archives
SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?)
From: Jason Ackley <jason () ackley net>
Date: Fri, 28 Apr 2000 15:43:23 -0700 (PDT)
On Fri, 28 Apr 2000, Greene, Dylan wrote:
SSH version 1 is apparently supported in 12.0 as well (never played w/ it, so dunno how well it works);
It is in some of the 12.0(x) S trains (S == 'service provider').. I am running 12.0(9)S on some 7507s and they have been doing fine (light load). There are still some quirks tho at least in the release I am running: jason@web1:~$ ssh -l jason -c 3des x.y.z.1 jason@x.y.z.1's password: r1>show slaveslot0: -#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name 1 .. image F5DA8D1A 6FCD3C 19 7195836 Jan 16 2000 08:31:12 rsp-jv-mz.111-27.CC 2 .. image D8598D7C F7BFD4 23 8909336 Mar 26 2000 09:21:21 rsp-k4pv-mz.120-9.S.bin Local: Corrupted check bytes on input. jason@web1:~$ So just dont do a 'show slaveslot0:' over SSH :-) Anyone else have this problem? Works fine via console or (shudder) telnet.. As far as CPU load(from a show proc cpu): PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 28 640 213 3004 0.00% 0.13% 0.12% 2 SSH Process This is with little EXEC work, I did a few 'show int' then the 'show proc cp'. Memory(show proc mem): PID TTY Allocated Freed Holding Getbufs Retbufs Process 28 2 603464 596892 13368 0 0 SSH Process 99 0 2089744 1218112 6892 0 0 SSH Event handle I would assume that the SSH processing happens only on the main CPU, would be cool to offload it to one/some of the VIPs.. As far as SSH on other models, if you have ever tried to get IPsec / crypto working on a 2500, you know why its a bad idea :) SSH on 6509s , that would be great! Still fighting with the idea of running real IOS on 6500s, if the real IOS part contains SSH, you can bet I would upgrade sooner than later. Anyone running 'real' IOS on 6500s? Any gotchas or superbugs? cheers, -- jason
Current thread:
- RE: ABOVE.NET SECURITY TRUTHS?, (continued)
- RE: ABOVE.NET SECURITY TRUTHS? Greene, Dylan (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Danny McPherson (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Joe Shaw (Apr 30)
- RE: ABOVE.NET SECURITY TRUTHS? Greene, Dylan (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Mr. James W. Laferriere (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Chris Cappuccio (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Michael Shields (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Mark Milhollan (Apr 30)
- RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Mr. James W. Laferriere (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
- SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) Jason Ackley (Apr 28)
- Re: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) John Fraizer (Apr 28)
- RE: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) Roeland Meyer (E-mail) (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? dies (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Christopher B. Zydel (Apr 29)
- Re: ABOVE.NET SECURITY TRUTHS? Dave Crocker (Apr 29)
- Re: ABOVE.NET SECURITY TRUTHS? Henry R. Linneweh (Apr 29)