Preview Tool

Cisco Bug: CSCus92950 - Improve IOS SSH/SCP implementations to make use of HW Crypto resources

Last Modified

May 31, 2018

Products (104)

  • Cisco IOS
  • Cisco 819 Hardened Integrated Services Router
  • Cisco C897VA Integrated Services Router
  • Cisco 886VA-CUBE Integrated Services Router
  • Cisco 812 CiFi Integrated Services Router
  • Cisco 898 Secure G.SHDSL EFM/ATM with Multi-Mode 4G LTE ISR Router
  • Cisco 888W Integrated Services Router
  • Cisco 892W Integrated Services Router
  • Cisco 2951 Integrated Services Router
  • Cisco VG204XM Analog Voice Gateway
View all products in Bug Search Tool Login Required

Known Affected Releases

15.2(4)M 15.3(3)M 15.4(3)M

Description (partial)

Slow transfer and High CPU (over 95%) is recorded during SCP of a larger file (e.g. IOS image)  to the device's flash disk. The behaviour persists both with OnBoard Crypto and with the ISM crypto module.

SSH is currently not using the HW crypto-engine to offload compute intensive operations, it
only leverages a limited amount of functions from the HW crypto engines, e.g. to generate keys
or to perform signing operations, all other SCP/SSH operations will be done in software only.

There is a need to improve the IOS SSH/SCP implementations so that HW Crypto resources are fully

Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.