Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
406
Views
0
Helpful
6
Replies

config for enabling SSH

Go to solution
saidfrh
Level 1
Level 1

‎03-12-2008 03:14 PM - edited ‎03-03-2019 09:06 PM

Hi,

The following were added to a Cisco router to enable secure remote access, however the Telnet password is not recognized, thus can not log in to the router. The following is the config. Any suggestions would be appreciated.

ip domain-name yyygroup.com

crypto key gen rsa

1024

ip ssh version 2

ip ssh timeout 60

line vty 0 4

transport input telnet ssh

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-12-2008 03:19 PM

Hi

You cannot use the line password for access with ssh. You either need to configure a local username/password on the router for use with ssh or setup ssh access via TACACS+/Radius.

Edit - should have said, to create a local username/password

router(config)# username password

HTH

Jon

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-12-2008 03:19 PM

Hi

You cannot use the line password for access with ssh. You either need to configure a local username/password on the router for use with ssh or setup ssh access via TACACS+/Radius.

Edit - should have said, to create a local username/password

router(config)# username password

HTH

Jon

0 Helpful

Go to solution
saidfrh
Level 1
Level 1
In response to Jon Marshall

‎03-12-2008 04:03 PM

Thank you.

0 Helpful

Go to solution
saidfrh
Level 1
Level 1
In response to Jon Marshall

‎03-12-2008 04:43 PM

Jon,

I entered a user name and password. Puttying in to the remote router asks for a password. The above password associated with the username did not work. After using Putty to access the router, the username was not asked. Any suggestion would be appreciated.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to saidfrh

‎03-12-2008 04:57 PM

Hi

You need to tell the router that you want to use local authentication ie.

router(config)# aaa authentication login default local

Jon

0 Helpful

Go to solution
saidfrh
Level 1
Level 1
In response to Jon Marshall

‎03-12-2008 08:55 PM

Jon,

Thanks. I selected line authentication option, thus using the Vty passwd to login using SSH/Putty. Do you know how to configure 3Des for encrypting the passwords in the router?

Said

0 Helpful

Go to solution
royalblues
Level 10
Level 10
In response to saidfrh

‎03-13-2008 01:06 AM

Create the username with the secret keyword rather than password which will encrypt the password using MD5

username privelege secret

IF your IOS does not support the secret option, you can use service password-encryption in the global config which will also encrypt the password. This encryption though is very weak and can be cracked using any available password cracking tools

HTH

Narayan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card