Maybe I should read the entire message before responding.. hehe.. =) A switched private management lan resolves the cleartext problem. SSH version 1 is apparently supported in 12.0 as well (never played w/ it, so dunno how well it works); http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 limit/120s/120s5/sshv1.htm ..Dylan | -----Original Message----- | From: Paul Froutan [mailto:pfroutan@rackspace.com] | Sent: Friday, April 28, 2000 4:46 PM | To: rmeyer@mhsc.com | Cc: nanog@merit.edu | Subject: RE: ABOVE.NET SECURITY TRUTHS? | | | | I don't think you can. However, I use TACACS on all my switches and | routers. From what I know, TACACS passwords are encrypted | using the key on | your network devices and the TACACS server. So, that, in | combination with | a private management LAN not accessible by your customers | should lock down | your network pretty effectively. Any comments? | | At 4/28/00 -0700, you wrote: | | > > Exiled Dave | > > Sent: Friday, April 28, 2000 1:10 PM | > | > > Lets think about this, cisco in no way has such a flaw | > > that would allow someone to 'root' and erase all the | > > info on switches. The password was sniffed. | > | >Can one setup SSH on a Cisco 6509? | | Paul Froutan Email: | pfroutan@rackspace.com | Rackspace, Ltd <http://www.rackspace.com> | |