The fact that this host would be "trusted" AND also being able to ssh from (ie have its key trusted too) is one of those.
I am all in favour of my devices not having ssh clients on them. This does not detract from the fact one should have inbound ACLs on your VTYs :) Cheers, Matt CCIE #22386 CCSI #31207 On 20 February 2013 10:58, Steve Di Bias <[email protected]> wrote: > Assuming someone hacks into your ASA, having an embedded SSH client would be > the least of your worries > > > On Tuesday, February 19, 2013, Piotr Matusiak wrote: >> >> This is NOT missing feature. There is no TELNET/SSH client for purpose. I >> wouldn't like my ASA become a hop point to the rest of my network if >> someones breaks in. >> >> Regards, >> Piotr >> >> >> On 2/19/13 10:45 PM, Jimmy Larsson wrote: >> >> That has annoyed me since forever as well... >> >> http://nat0.net/another-missing-asa-feature-telnet-and-ssh-client/ >> >> Best regards >> Jimmy >> >> >> 2013/2/19 cisco 2006 <[email protected]> >> >> >> >> ----- Forwarded Message ----- >> From: cisco 2006 <[email protected]> >> To: "[email protected]" >> <[email protected]> >> Sent: Tuesday, 19 February 2013, 20:32 >> Subject: Fw: SSH session >> >> >> >> Dear Sir, >> >> I'm preparing for CCIE Security using IPexpert materials , and I have a >> question about ssh session .The question is that : >> Can I opening ssh from cisco asa to another like a switch ? >> >> Best Regards, >> Israa >> >> >> >> >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> >> >> >> -- >> ------- >> Jimmy Larsson >> http://nat0.net >> ------- >> >> >> ___________________________________________ > > > > -- > Thanks, > Steve Di Bias- CCIE #32840 > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
