North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
ssh access to cisco and "unfriendlies"
i've been trying to get ssh access to cisco IOS 12.1.2 working, but no matter what i do, the openssh client says "3des not supported by server". so, i fired up a local copy of win32 SecureCRT, and use just "des" encryption, and lo, and behold, it worked. so, i started poking around and discovered that likely what i need is a version of IOS with 3des support. as i understand it, in order to get a 3des IOS, you need to agree to: We will not supply network services (e.g., running a virtual private network) to, or for government organizations/enterprises other than those of, or in: Austria, Australia, Belgium, Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Japan, Luxembourg, Netherlands, New Zealand, Norway, Poland, Portugal, Spain, Sweden, Switzerland, United Kingdom, United States without written authorization from Cisco Systems Inc. and/or the governments of the U.S., United Kingdom, and The Netherlands. now, considering some of my clients, i need to pay heed to this. in smaller countries, the first and only internet service is generally run by the PTT, which is usually a "government organization or enterprise". that being said, i find it extremely draconian that i can't run a 3des IOS on a router in Canada, if i supply network services in countries not on that list. so, when i go to set up a connection to Ghana, i am going to need Cisco's permission if i want 3des ssh enabled on the canadian router? and Brazil? and Mexico? -- [ Jim Mercer [email protected] +1 416 410-5633 ] [ Reptilian Research -- Longer Life through Colder Blood ] [ Don't be fooled by cheap Finnish imitations; BSD is the One True Code. ]