3550 SSH setup

Unanswered Question
May 4th, 2007

I have a Cat 3550 in which I enable SSH on, now the console password seems to be disabled.(Yes I do have one setup) I can plug a console cable in and the I get right into user mode (no password). Ive tried to find info on this but havent been very succesful. Anybody know how to re-enable the console password? Or if I cant re-enable it what causes this to be disabled with SSH present? Any help is appreciated. Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Amit Singh Fri, 05/04/2007 - 10:38

Were you asked the login before configuring the SSH? What if you disable the SSH, does the switch behave the same way?

Please paste the show version and config from the switch. I dont think SSH config is related to the problem that you are facing.

-amit singh

thefindjack Fri, 05/04/2007 - 10:46

Yes the console password worked up until the point in which I enable SSH then it never worked after that.

Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(35)SE3, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2007 by Cisco Systems, Inc.

Compiled Fri 16-Mar-07 00:43 by antonino

Image text-base: 0x00003000, data-base: 0x00E86000

ROM: Bootstrap program is C3550 boot loader

External_3550 uptime is 3 days, 7 hours, 53 minutes

System returned to ROM by power-on

System restarted at 06:51:59 EDT Tue May 1 2007

System image file is "flash:/c3550-ipservicesk9-mz.122-35.SE3.bin"

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:


If you require further assistance please contact us by sending email to

[email protected].

Cisco WS-C3550-24-PWR (PowerPC) processor (revision E0) with 65526K/8192K bytes of memory.

Processor board ID CAT0805Z17L

Last reset from warm-reset

Running Layer2/3 Switching Image

Ethernet-controller 1 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 2 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 3 has 1 Gigabit Ethernet/IEEE 802.3 interface

Ethernet-controller 4 has 1 Gigabit Ethernet/IEEE 802.3 interface

24 FastEthernet interfaces

2 Gigabit Ethernet interfaces

The password-recovery mechanism is enabled.

384K bytes of flash-simulated NVRAM.

Base ethernet MAC Address: 00:0F:24:94:71:80

Motherboard assembly number: 73-8100-07

Power supply part number: 341-0029-03

Motherboard serial number: CAT08050P4G

Power supply serial number: DTH0748048T

Model revision number: E0

Motherboard revision number: A0

Model number: WS-C3550-24PWR-SMI

System serial number: CAT0805Z17L

Configuration register is 0x10F

thefindjack Fri, 05/04/2007 - 10:53

I also just checked my 3750's that have SSH setup and I have the same problem...do you have to do some other sort of authentication setup for the console port for SSH w/ AAA username and passwords?

Amit Singh Fri, 05/04/2007 - 11:10

Please paste the switch config. Are you using AAA for suthentication. If you are using local authentication on the switch make sure AAA is disabled on console access.

-amit singh

thefindjack Fri, 05/04/2007 - 11:32

Here is all the relevant information....

version 12.2

no service pad

service timestamps debug datetime localtime

service timestamps log datetime localtime

service password-encryption


hostname **************


enable secret 5 *****


username **** secret 5 ****

aaa new-model


aaa session-id common

clock timezone EST -5

clock summer-time EDT recurring

ip subnet-zero

ip domain-name *********.COM


ip ssh time-out 60

ip ssh authentication-retries 2

vtp domain ********

vtp mode transparent



crypto pki trustpoint TP-self-signed-613708160

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-613708160

revocation-check none

rsakeypair TP-self-signed-613708160



crypto pki certificate chain TP-self-signed-613708160

certificate self-signed 01

308202AC 30820215 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

5D312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 36313337 30383136 30312B30 2906092A 864886F7 0D010902

161C4578 7465726E 616C5F33 3535302E 46494E49 53484C49 4E452E43 4F4D301E

170D3933 30333031 30303032 31395A17 0D323030 31303130 30303030 305A305D

312E302C 06035504 03132549 4F532D53 656C662D 5369676E 65642D43 65727469

66696361 74652D36 31333730 38313630 312B3029 06092A86 4886F70D 01090216

1C457874 65726E61 6C5F3335 35302E46 494E4953 484C494E 452E434F 4D30819F

300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B762 AE6F35B6

BDD8D7C5 33077279 BC26DE85 52AFDB20 BCBCC86B C82ACA17 6B6E4C83 6EC814E6

10A993D8 2B72F168 387DC8FC 4B20462F AFE6043B 92786C36 9E2A492D 61428F9F

42E255F0 60AA39F7 AF39082C 5C1B01B6 BB8FD5B3 E3215B9F 2E28E037 BF185B46

9D463BDE 3910CE70 AF09D816 089184AB 1EEF2F71 759CF13F 20530203 010001A3

7C307A30 0F060355 1D130101 FF040530 030101FF 30270603 551D1104 20301E82

1C457874 65726E61 6C5F3335 35302E46 494E4953 484C494E 452E434F 4D301F06

03551D23 04183016 8014157B 8B2CE909 97AC0F68 42F01E8F FC13E063 AF8A301D

0603551D 0E041604 14157B8B 2CE90997 AC0F6842 F01E8FFC 13E063AF 8A300D06

092A8648 86F70D01 01040500 03818100 1F197D2F 22B7BD4A 9DB25EF3 F2C4BCF1

47F607FB 4C2FB2BB EEDE0360 F275E449 36BCA2F0 9B7BCDD4 12252EA2 6B5331BD

0284A0F5 DC56B409 C4D9CD5E 642152D8 689EC57E D0D095FD 16E4FBB5 E326BD46

4DB32AAC 0A89C1A8 78757413 2B74D68E 2F05640E 4DBD74C1 11D36F60 76173E2D

A44DA182 31630938 6BBF3432 9ADA4283



line con 0

password 7 122D06181F061E8536954769

logging synchronous

transport preferred none

line vty 0 4

password 7 046F065825C5E410A121656

logging synchronous

transport preferred none

transport input ssh

line vty 5 15

access-class 10 in

password 7 09784D064658051D0207176B

transport preferred none

transport input ssh



Amit Singh Fri, 05/04/2007 - 11:22

If you are using AAA then you have to configure " AAA autehntication " under the " line console "

config t

line console

login authentication default << If using default list in the aaa authentication config

or the list specified in the authenctication config.

Please use the link below for more understanding.



-amit singh

thefindjack Fri, 05/04/2007 - 11:43

Thank you for pointing me in the right direction! Your help was very useful and it resolved my issue. Thanks


This Discussion