Cisco switch configuration: SSH remote login


Recently, I sorted out some earlier study notes (some are missing and some are out of order; I will fill them in later).
They used to be stored locally; this time I moved them online as a backup.


Cisco SSH remote login configuration

0. Configure the IP address and bring up the interface

Switch>enable                                          // enter privileged mode
Switch#configure terminal                              // enter global configuration mode
Switch(config)#interface vlan 1                        // enter the VLAN 1 interface
Switch(config-if)#ip address <ip-address> <subnet-mask>   // set the IP address
Switch(config-if)#no shutdown                          // bring the interface up

1. Configure hostname and domain name

· The RSA key is generated from the hostname and the domain name
  Switch> enable
  Switch# configure terminal
  Switch(config)# hostname Switch-ssh                  // change the device name; it cannot be "Router" when SSH is configured
  Switch-ssh(config)# ip domain-name <domain-name>     // set the domain name; required before SSH can be configured
  Switch-ssh(config)# aaa new-model                    // enable AAA authentication (partially enabled)

2. Generate RSA secret key

· Once the RSA key is generated, the SSH service turns on automatically; without a key it turns off automatically
Switch-ssh(config)# crypto key generate rsa            // generate the RSA key
    How many bits in the modulus [512]: 768         // set the key length; SSH version 2 requires at least 768
    %SSH-5-ENABLED: SSH 1.5 has been enabled        // SSH is turned on automatically
Switch-ssh(config)# crypto key zeroize rsa             // delete the RSA key

3. Create a new user and password

Switch-ssh(config)# username <username> privilege 0 secret <password>   // privilege 0: the SSH session does not enter privileged mode automatically

4. Configure enable privilege password

Switch-ssh(config)# enable secret <password>

5. Configure vty (virtual terminal)

Switch-ssh(config)# line vty 0 4                       // 4: maximum number of parallel connections
Switch-ssh(config-line)# transport input ssh           // only SSH is allowed
Switch-ssh(config-line)# exec-timeout 10 0             // session timeout
Switch-ssh(config-line)# logging synchronous           // keep the cursor in place; synchronize message output
Switch-ssh(config-line)# login local                   // check the password against the local user database

6. Other settings of SSH

Switch-ssh(config)# ip ssh authentication-retries 2    // number of SSH authentication failures allowed
Switch-ssh(config)# ip ssh time-out 120                // SSH timeout in seconds
Switch-ssh(config)# ip ssh version 2                   // specify the SSH protocol version
Switch-ssh(config)# ip ssh source-interface f0/0       // specify the SSH source interface (a VLAN interface can also be used)

7. Save configuration

# write

8. Test login

  • Using the ssh command on a Cisco device requires specifying the user (if the username is not configured locally)
    # ssh -l <switch-username> <switch-ip-address>
        Password: <user password>
    # sw_ssh>enable
        Password: Privilege password
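
An added example, not part of the original notes: a small Python check that reads a saved running-config and reports where it departs from steps 1, 4, 5 and 6 above (domain name, enable secret, SSH-only vty lines, local-user login, SSH version 2). The sample config and the function names are constructed for illustration, and it assumes every vty block should carry an explicit `transport input ssh`.

```python
import re

# Constructed sample running-config (hostname, domain and hashes are made up).
# The second vty block still allows telnet and "ip ssh version 2" is missing.
SAMPLE_CONFIG = """\
hostname Switch-ssh
ip domain-name example.test
enable secret 5 $1$constructed$hash
username admin privilege 0 secret 5 $1$constructed$hash
line vty 0 4
 exec-timeout 10 0
 transport input ssh
 login local
line vty 5 15
 exec-timeout 0 0
 transport input telnet ssh
 login
"""

def vty_blocks(config):
    """Return {header: [sub-commands]} for every 'line vty' block."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("line vty"):
            current = blocks.setdefault(line.strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level line ends the block
    return blocks

def audit(config):
    """List where the config departs from the SSH settings in these notes."""
    findings = []
    top = [l.strip() for l in config.splitlines() if l and not l.startswith(" ")]
    required = {"ip domain-name": r"ip domain[- ]name \S+",
                "ip ssh version 2": r"ip ssh version 2",
                "enable secret": r"enable secret .+"}
    for name, pattern in required.items():
        if not any(re.fullmatch(pattern, l) for l in top):
            findings.append(f"missing: {name}")
    for header, cmds in vty_blocks(config).items():
        if "transport input ssh" not in cmds:
            findings.append(f"{header}: transport input is not ssh-only")
        if "login" in cmds or "no login" in cmds:
            findings.append(f"{header}: login does not use local usernames")
        if "exec-timeout 0 0" in cmds:
            findings.append(f"{header}: idle timeout disabled")
    return findings
```

Calling `audit(SAMPLE_CONFIG)` flags the missing `ip ssh version 2` and the three problems on `line vty 5 15`; vty blocks beyond `0 4` are easy to overlook because step 5 only configures the first five lines.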


Added by TaosBill on Thu, 17 Oct 2019 23:59:25 +0300