nanog mailing list archives
Re: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?)
From: John Fraizer <nanog () EnterZone Net>
Date: Fri, 28 Apr 2000 21:30:51 -0400 (EDT)
SSH version 1 is apparently supported in 12.0 as well (never played w/ it, so dunno how well it works);
<snip>
So just dont do a 'show slaveslot0:' over SSH :-) Anyone else have this problem? Works fine via console or (shudder) telnet..
<snip>
SSH on 6509s , that would be great! Still fighting with the idea of running real IOS on 6500s, if the real IOS part contains SSH, you can bet I would upgrade sooner than later. Anyone running 'real' IOS on 6500s? Any gotchas or superbugs?
I have a VERY novel idea for you all and since noone has mentioned it, here goes: NOC----------Management Network---------SSH Drone | | | | Serial Lines -> | | | ---Router1 | | |--Switch1 | -Router2 -Switch2 I know. It's just too simple and it scales so very well so, it MUST be a bad idea. Even if you don't have a dedicated management network, you just put a box that speaks SSH out there with serial access to your routers/switches. If you DO have a management network, you connect that to it as well. No matter what, you're secure to the SSH drone and if someone is in your cabinets tapping the serial lines, you've got big physical security problems to deal with and you had might as well flat out give up on network security. A Force Recon colonel once told me, "If it's a stupid idea, and it works, it must not be a stupid idea." --- John Fraizer
Current thread:
- Re: ABOVE.NET SECURITY TRUTHS?, (continued)
- Re: ABOVE.NET SECURITY TRUTHS? Danny McPherson (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Joe Shaw (Apr 30)
- RE: ABOVE.NET SECURITY TRUTHS? Greene, Dylan (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Mr. James W. Laferriere (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Chris Cappuccio (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Michael Shields (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Mark Milhollan (Apr 30)
- RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Mr. James W. Laferriere (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
- SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) Jason Ackley (Apr 28)
- Re: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) John Fraizer (Apr 28)
- RE: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) Roeland Meyer (E-mail) (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Danny McPherson (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? dies (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Christopher B. Zydel (Apr 29)
- Re: ABOVE.NET SECURITY TRUTHS? Dave Crocker (Apr 29)
- Re: ABOVE.NET SECURITY TRUTHS? Henry R. Linneweh (Apr 29)
- RE: ABOVE.NET SECURITY TRUTHS? John Fraizer (Apr 28)