Configuring Ssh Options - Cisco ASR 5000 Series Administration Manual
Staros release 21.4
Hide thumbs
Also See for ASR 5000 Series:
- Product overview (992 pages) ,
- Installation manual (317 pages) ,
- Administration manual (234 pages)
Table of Contents
Advertisement
Getting Started
Step 8
Verify the configuration of the IP routes by entering the following command:
host_name
[local]
The CLI output should be similar to the sample output:
"*" indicates the Best or Used route.
Destination
*0.0.0.0/0
network
*
Step 9
Verify the interface binding by entering the following command:
host_name
[local]
interface_name> is the name of the interface that was configured in step 7b.The CLI output should be similar to the
sample output:
Intf Name:
Intf Type:
Description:
IP State:
IP Address:
Bcast Address:
Resoln Type:
Number of Secondary Addresses:
Step 10
Save your configuration as described in Verifying and Saving Your Configuration.
Configuring SSH Options
SSHv2 RSA is the only version of SSH supported under StarOS. Keywords previously supported for SSHv1
RSA and SSHv2 DSA have been removed from or concealed within the StarOS CLI.
Important
Version 1 of the SSH protocol is now obsolete due to security vulnerabilities. The v1-rsa keyword has been
removed for the Context Configuration mode ssh command. Running a script or configuration that uses the
SSHv1-RSA key returns an error message and generates an event log. The output of the error message is
shown below:
CLI print failure Failure: SSH V1 contains multiple structural vulnerabilities and is no
longer considered secure. Therefore we don't support v1-rsa SSH key any longer, please
generate a new v2-rsa key to replace this old one.
If the system boots from a configuration that contains the v1-rsa key, you can expect a boot failure when
logging in through SSH. The workaround is to log in via the Console port, re-generate a new ssh v2-rsa key,
and configure server sshd. It will then be possible to log in via ssh.
The v2-dsa keyword is now concealed for the Context Configuration mode ssh command
show ip route
#
Nexthop
ipaddress
static
0.0.0.0
connected
show ip interface name interface_name
#
mio1
Broadcast
UP (Bound to 5/1 untagged, ifIndex 83951617)
ipaddress
bcastaddress
ARP
0
A keyword that was supported in a previous release may be concealed in subsequent releases. StarOS
continues to parse concealed keywords in existing scripts and configuration files created in a previous
release. But the concealed keyword no longer appears in the command syntax for use in new scripts or
configuration files. Entering a question mark (?) will not display a concealed keyword as part of the Help
text. Removed keywords generate an error message when parsed.
Protocol
Prec Cost Interface
1
0
mio1
0
0
mio1
Subnet Mask:
MTU:
ARP timeout:
ASR 5500 System Administration Guide, StarOS Release 21.4
Configuring SSH Options
subnetmask
1500
3600 secs
29
Advertisement
Table of Contents
Troubleshooting
