3750 SSH access

Unanswered Question
Jun 19th, 2007

I am trying to set up SSH access toa 3750 switch, rather than standard telnet.

I am not able to configure this: should it be possible to?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
m-haddad Tue, 06/19/2007 - 15:38

You need the IOS on the 3750 that supports SSH which is the crypto image. It seems you have LAN Based or IP based image without crypto support.

Hope this clarifies the issue,

Appreciate your rating,


glen.grant Tue, 06/19/2007 - 16:02

If your imagename does not have a K9 in the imagename it does not support ssh and you would have to get the crypto image from CCO.

criss_noh Mon, 06/25/2007 - 23:39

The below is the sample configuration.

username xxx password xxx

ip domain-name rack13.cisco.com

crypto key generate rsa

line vty 0 15

transport input ssh

login local

mylove142 Tue, 06/26/2007 - 23:47

How about ip domain-name? If I don't configure ip domain-name, I can run ssh? Please answer me early. Thank you very much.

criss_noh Wed, 06/27/2007 - 03:04

you need to set up ip domain-name because in order to creat encrpted password, you need to define username, ip domain-name and password.

hash alghorism reders those.

BUT you can configure as following. I just did and made sure it worked just now. ^^

====== config =======

step 1. ip ssh rsa keypair-name cisco

step 2. username cisco password 0 ccie

step 3. line vty 0 4

login local

transport input ssh

step 4. Rack19r1(config)#crypto key generate rsa general-keys label cisco

The name for the keys will be: cisco

Choose the size of the key modulus in the range of 360 to 2048 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

a few minutes.

How many bits in the modulus [512]:

% Generating 512 bit RSA keys, keys will be non-exportable...[OK]


Rack19r1#sh crypto key mypubkey rsa

% Key pair was generated at: 11:27:44 UTC Jun 27 2007

Key name: cisco

Usage: General Purpose Key

Key is not exportable.

Key Data:

305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B21FF5 9462464D

9FB4BCF0 B7E3F2FB 6EEFF876 E47D21C1 E1FB4E7F E4F2D1CC E72CC690 5B2B1D46

BF232E36 E9FD534C 3266FCB9 44F3F91B BDF18731 FC48D487 41020301 0001

% Key pair was generated at: 11:27:45 UTC Jun 27 2007

Key name: cisco.server

Usage: Encryption Key

Key is not exportable.

Key Data:

307C300D 06092A86 4886F70D 01010105 00036B00 30680261 009FE29E 208BEE91

6B94E74D 2E986806 AEC3A864 93A7BB35 57DEE4B4 14DCAC89 02A879D6 7FD52A44

853E2A7F FDAF13B4 914403FA D11C11E8 A5602A99 7B6EEF12 371F2885 04EDDF82

A8C27AB8 A19833E2 B63D143F 57CA4F82 9E4088F0 3113129A 73020301 0001

In opposited router


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:


Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

Rack19r2#ssh -l cisco



TRY THIS solution. ^^

sorry for late response. I am a korean so local time is different.


This Discussion