You can get 3DES images for most of the "normal" routers. According to the
docs, the SSH _client_ supports DES and 3DES, so I don't see why the server
shouldn't.
I've not tested the 3DES stuff personally since we've not had anyone move to
3DES since the export restrictions were eased - sorry.
Here's the link I'm referring to (from the 1700 series rel. notes):
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121relnt/170
0/rn1700t.htm#xtocid933723
And here's the quote:
"The SSH client in Cisco IOS software works with publicly and commercially
available SSH servers. The SSH client supports the ciphers of Data
Encryption Standard (DES), Triple DES (3DES), and password authentication."
I would enable the server on your router, connect with a client with only
3DES allowed as cipher and see what happens. You can verify the encryption
on the router with the "sh ip ssh" command.
Cheers,
--
Ben Nagy
Network Consultant, Volante Solutions
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
> -----Original Message-----
> From: Mike Forrester [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 15 August 2000 1:15 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Syslog thru Firewall
>
>
> While going through the Cisco website for info on setting up
> ssh on some
> test routers, I found references to 168-bit (3DES) ssh. I've
> only been able
> to find 168-bit IOS'es for ubr's. Does anyone know if 168-bit ssh is
> available for non-broadband routers?
>
> I have 56-bit (DES) ssh running on our test routers. Has
> anyone had any
> problems using these "T" releases (12.1(1)T, 12.1(2)T, or 12.1(3)T) in
> production?
>
> Mike
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
