Cisco Bug: CSCvi85020 - Order of SSH configuration generates "SSH version 1 is not secure." error messages at boot
May 31, 2018
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: With the upcoming removal of SSH version 1, the ASA now generates a WARNING when configuring SSH if the version is not defined as version 2: WARNING: SSH version 1 is not secure. It is recommended that only SSH version 2 be used. SSH version 1 support will be removed in a future release. The problem is that the order of the configuration on the ASA puts the 'ssh version 2' line far enough down the parser/cfg that the ASA generates this error at boot (when processing the "ssh x.x.x.x x.x.x.x <intf_name>" portion) Conditions: This occurs on version 9.9(2) where the SSH Version 1 warning was introduced.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases