|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?)
On Fri, 28 Apr 2000, Greene, Dylan wrote: > SSH version 1 is apparently supported in 12.0 as well (never played w/ it, > so dunno how well it works); It is in some of the 12.0(x) S trains (S == 'service provider').. I am running 12.0(9)S on some 7507s and they have been doing fine (light load). There are still some quirks tho at least in the release I am running: [email protected]:~$ ssh -l jason -c 3des x.y.z.1 [email protected]'s password: r1>show slaveslot0: -#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name 1 .. image F5DA8D1A 6FCD3C 19 7195836 Jan 16 2000 08:31:12 rsp-jv-mz.111-27.CC 2 .. image D8598D7C F7BFD4 23 8909336 Mar 26 2000 09:21:21 rsp-k4pv-mz.120-9.S.bin Local: Corrupted check bytes on input. [email protected]:~$ So just dont do a 'show slaveslot0:' over SSH :-) Anyone else have this problem? Works fine via console or (shudder) telnet.. As far as CPU load(from a show proc cpu): PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 28 640 213 3004 0.00% 0.13% 0.12% 2 SSH Process This is with little EXEC work, I did a few 'show int' then the 'show proc cp'. Memory(show proc mem): PID TTY Allocated Freed Holding Getbufs Retbufs Process 28 2 603464 596892 13368 0 0 SSH Process 99 0 2089744 1218112 6892 0 0 SSH Event handle I would assume that the SSH processing happens only on the main CPU, would be cool to offload it to one/some of the VIPs.. As far as SSH on other models, if you have ever tried to get IPsec / crypto working on a 2500, you know why its a bad idea :) SSH on 6509s , that would be great! Still fighting with the idea of running real IOS on 6500s, if the real IOS part contains SSH, you can bet I would upgrade sooner than later. Anyone running 'real' IOS on 6500s? Any gotchas or superbugs? cheers, -- jason
|